{"uuid": "ab9c27f4-c568-43c3-9e7c-fc776c4a5f94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25361", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25361\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file.\n\ud83d\udccf Published: 2025-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T19:48:51.354Z\n\ud83d\udd17 References:\n1. https://github.com/c0rdXy/POC/blob/master/CVE/PublicCMS/XSS_02/XSS_02.md", "creation_timestamp": "2025-03-07T20:40:30.000000Z"}