CVE-2025-14836
LOWDescription
A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has been published and may be used.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| zzcms | zzcms |
References
Frequently Asked Questions
What is CVE-2025-14836? +
How severe is CVE-2025-14836? +
What products are affected by CVE-2025-14836? +
How do I check if I'm vulnerable to CVE-2025-14836? +
Related Vulnerabilities
StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token …
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows …
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker …
next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of …
PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are …
This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An …