{"id":7273,"date":"2025-06-26T19:53:41","date_gmt":"2025-06-26T19:53:41","guid":{"rendered":"http:\/\/localhost\/?p=7273"},"modified":"2025-06-26T19:53:41","modified_gmt":"2025-06-26T19:53:41","slug":"juzaweb-cms-add-new-themes-page-install-improper-authorization","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7273","title":{"rendered":"juzaweb CMS Add New Themes Page install improper authorization"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\njuzaweb CMS Add New Themes Page install improper authorization<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-26T23:31:08.342Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\njuzaweb<\/td>\n<\/tr>\n
Product<\/th>\nCMS<\/td>\n<\/tr>\n
Version<\/th>\n3.4.2<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical vulnerability in juzaweb CMS 3.4.2 allows unauthorized users to exploit improper authorization in the Add New Themes Page, potentially leading to remote attacks. The issue was disclosed publicly, and the vendor did not respond. This could allow attackers to perform actions they shouldn’t be able to, posing a significant risk.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\njuzaweb<\/td>\n<\/tr>\n
Product<\/th>\njuzaweb CMS<\/td>\n<\/tr>\n
Affected Version<\/th>\n3.4.2<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n