CVE-2025-50234 | MCCMS up to 2.7.0 Gf.php sys_auth pic server-side request forgery

A vulnerability classified as critical was found in MCCMS up to 2.7.0. This vulnerability affects the function sys_auth of the file sysappscontrollersapiGf.php. The manipulation of the argument pic leads to server-side request forgery.

This vulnerability was named CVE-2025-50234. The attack can be initiated remotely. There is no exploit available.VulDB Recent EntriesRead More