CVE-2025-1113: taisan tarzan-cms Add Theme admin#themes upload deserialization
First published: Fri Feb 07 2025(Updated: )
A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as critical. This issue affects the function upload of the file /admin#themes of the component Add Theme Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Taisin Tarzan-CMS | <=1.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1113?
CVE-2025-1113 is rated as critical due to its potential for remote exploitation through deserialization.
How do I fix CVE-2025-1113?
To remediate CVE-2025-1113, it is recommended to update Taisin tarzan-cms to a version above 1.0.0.
What component is affected by CVE-2025-1113?
CVE-2025-1113 affects the Add Theme Handler in the file upload function located at /admin#themes.
Can CVE-2025-1113 be exploited remotely?
Yes, CVE-2025-1113 can be exploited remotely, allowing an attacker to manipulate the vulnerability from a distance.
What type of vulnerability is CVE-2025-1113?
CVE-2025-1113 is a deserialization vulnerability found in Taisin tarzan-cms.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/author
- agent/source
- agent/tags
- agent/event
- vendor/taisin
- canonical/taisin tarzan-cms