CVE-2025-49138 | haxtheweb HAXCMSSite up to 10.0.6 location path traversal (GHSA-hxrr-x32w-cg8g)

A vulnerability has been found in haxtheweb HAXCMSSite up to 10.0.6 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument location leads to path traversal.

This vulnerability was named CVE-2025-49138. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More