Description

An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration.

INFO

Published Date :

2025-06-11T16:26:47.283Z

Last Modified :

2025-06-11T17:29:01.082Z

Source :

BLSOPS
AFFECTED PRODUCTS

The following products are affected by CVE-2025-6002 vulnerability.

Vendors Products
Virtuemart
  • Virtuemart
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-6002.

URL Resource
https://blog.blacklanternsecurity.com/p/doomla-zero-days cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact