Login Sign Up

CVE-2025-15197

4.7 MEDIUM

📋 TL;DR

This vulnerability allows remote attackers to upload arbitrary files to the Content Management System and News-Buzz 1.0 through the /admin/editposts.php endpoint. Attackers can exploit this to upload malicious files like webshells or malware. Systems running code-projects/anirbandutta9 CMS or News-Buzz 1.0 with the vulnerable file are affected.

💻 Affected Systems

Products:
  • code-projects/anirbandutta9 Content Management System
  • News-Buzz 1.0
Versions: 1.0 and potentially earlier versions
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the /admin/editposts.php file to be present and accessible.

📦 What is this software?

Content Management System by Code Projects

View all CVEs affecting Content Management System →

News Buzz by Anirbandutta

View all CVEs affecting News Buzz →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through webshell upload leading to remote code execution, data theft, and lateral movement within the network.

🟠

Likely Case

Malicious file upload allowing defacement, malware distribution, or limited server access depending on file execution permissions.

🟢

If Mitigated

Uploaded files remain inert if proper file validation and execution restrictions are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available on GitHub. Attack requires access to admin functionality.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider workarounds or migrating to supported software.

🔧 Temporary Workarounds

Restrict File Uploads

all

Implement strict file type validation and size limits for uploads

Disable Vulnerable Endpoint

linux

Temporarily disable or restrict access to /admin/editposts.php

mv /path/to/admin/editposts.php /path/to/admin/editposts.php.disabled

🧯 If You Can't Patch

  • Implement web application firewall rules to block malicious file upload patterns
  • Restrict network access to admin interfaces using IP whitelisting

🔍 How to Verify

Check if Vulnerable:

Check if /admin/editposts.php exists and test file upload functionality with malicious extensions

Check Version:

Check CMS version in configuration files or admin panel

Verify Fix Applied:

Test that file uploads with dangerous extensions (like .php, .exe) are rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /admin/editposts.php
  • Files with suspicious extensions in upload directories

Network Indicators:

  • POST requests to /admin/editposts.php with file uploads
  • Unusual outbound connections from server

SIEM Query:

source="web_logs" AND uri="/admin/editposts.php" AND method="POST" AND file_upload="true"

📊 Metadata

CVE ID: CVE-2025-15197
CVSS v3 Score: 4.7 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-284
EPSS Score: 0.05% exploit probability (16th percentile)
Published: December 29, 2025
Last Updated: January 7, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-15197, you might also want to check these:

CVE-2021-34795 10.0

This critical vulnerability in Cisco Catalyst PON Series Switches ONT web management interface allow...

Same vulnerability type (CWE-284)
CVE-2021-40113 10.0

Multiple vulnerabilities in Cisco Catalyst PON Series Switches ONT web management interface allow un...

Same vulnerability type (CWE-284)
CVE-2026-21636 10.0

A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i...

Same vulnerability type (CWE-284)