CVE-2025-6453 | diyhi bbs 6.8 API ForumManageAction.java add dirName path traversal

June 20, 2025 Yanac

A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/action/template/ForumManageAction.java of the component API. The manipulation of the argument dirName leads to path traversal.

This vulnerability is traded as CVE-2025-6453. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More