Metrics
Affected Vendors & Products
Wed, 27 Aug 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Metasoft
Metasoft metacrm |
|
CPEs | cpe:2.3:a:metasoft:metacrm:*:*:*:*:*:*:*:* | |
Vendors & Products |
Metasoft
Metasoft metacrm |
Mon, 21 Jul 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sun, 20 Jul 2025 08:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as critical, was found in Metasoft 美特软件 MetaCRM up to 6.4.2. Affected is an unknown function of the file /common/jsp/upload2.jsp. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | Metasoft 美特软件 MetaCRM upload2.jsp unrestricted upload | |
Weaknesses | CWE-284 CWE-434 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-07-21T16:49:29.860Z
Reserved: 2025-07-19T07:15:41.637Z
Link: CVE-2025-7878

Updated: 2025-07-21T16:49:20.237Z

Status : Analyzed
Published: 2025-07-20T09:15:23.730
Modified: 2025-08-27T17:13:45.393
Link: CVE-2025-7878

No data.

No data.