{"uuid": "558d819a-63bc-49d8-b80d-eb7b3c158375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2749", "type": "seen", "source": "https://t.me/cvedetector/20994", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2749 - Kentico Xperience Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2749 \nPublished : March 24, 2025, 7:15 p.m. | 2\u00a0hours, 5\u00a0minutes ago \nDescription : An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code execution.This issue affects Kentico Xperience through 13.0.178. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T22:35:06.000000Z"}