How severe is CVE-2025-0460?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2025-0460?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2025-0460

MEDIUM Year: 2025

CVSS v3 Score

7.3

High

CVSS v2 Score

7.5

High

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blog_add. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2015-1836

HIGH

CVSS:7.3(High)

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper co...

CWE-2842015

CVE-2015-6023

HIGH

CVSS:7.3(High)

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: t...

CWE-2842015

CVE-2016-4018

HIGH

CVSS:7.3(High)

The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote attackers to obtain sensitive information, gain privileges, and c...

CWE-2842016

CVE-2016-5526

HIGH

CVSS:7.3(High)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vec...

CWE-2842016

CVE-2016-5645

HIGH

CVSS:7.3(High)

Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote at...

CWE-2842016

CVE-2016-8032

HIGH

CVSS:7.3(High)

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file.

CWE-2842016

CVE-2025-0460

Vulnerability Description

Related Vulnerabilities

CVE-2015-1836

CVE-2015-6023

CVE-2016-4018

CVE-2016-5526

CVE-2016-5645

CVE-2016-8032