Security Advisory

CVE-2025-6001

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-11 16:26:25

Last updated 2025-06-11 17:49:41

Assigner BLSOPS

State PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager.

← Browse all CVEs View on cve.org ↗