All intelligence
// vulnerability record
live · NVDCVE-2025-28915
CRITICALpublished 2025-03-11 21:15 UTC · 1 year ago · modified 2026-06-17 09:04 UTC
9.1
CVSS / 10
// description
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through <= 1.2.9.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
// weaknesses (CWE)
- CWE-434