Security Advisory

CVE-2025-67436

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-22 00:00:00

Last updated 2025-12-22 22:02:29

Assigner mitre

State PUBLISHED

Description

Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).

← Browse all CVEs View on cve.org ↗