CVE-2025-61183

Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via upload method in the storeAvatar() method of UserBase.php

Published Oct 10, 2025

https://github.com/advisories/GHSA-q769-phqg-263r

CVSS ScoreMedium

6.1

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-61183

Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via upload method in the storeAvatar() method of UserBase.php

Published Oct 10, 2025

https://github.com/advisories/GHSA-q769-phqg-263r

CVSS ScoreMedium

6.1


composer	webreinvent/vaahcms	0.0.10
composer	webreinvent/vaahcms	0.0.2
composer	webreinvent/vaahcms	0.0.3
composer	webreinvent/vaahcms	0.0.5
composer	webreinvent/vaahcms	0.0.6
composer	webreinvent/vaahcms	0.0.8
composer	webreinvent/vaahcms	0.1.0
composer	webreinvent/vaahcms	0.1.1
composer	webreinvent/vaahcms	0.1.2
composer	webreinvent/vaahcms	0.1.3
composer	webreinvent/vaahcms	0.1.5
composer	webreinvent/vaahcms	0.1.6
composer	webreinvent/vaahcms	0.1.7
composer	webreinvent/vaahcms	0.1.8
composer	webreinvent/vaahcms	0.2.10
composer	webreinvent/vaahcms	0.2.11
composer	webreinvent/vaahcms	0.2.1
composer	webreinvent/vaahcms	0.2.2
composer	webreinvent/vaahcms	0.2.3
composer	webreinvent/vaahcms	0.2.4
composer	webreinvent/vaahcms	0.2.5
composer	webreinvent/vaahcms	0.2.6
composer	webreinvent/vaahcms	0.2.7
composer	webreinvent/vaahcms	0.2.8
composer	webreinvent/vaahcms	0.2.9
composer	webreinvent/vaahcms	0.3.0
composer	webreinvent/vaahcms	0.3.1
composer	webreinvent/vaahcms	0.3.2
composer	webreinvent/vaahcms	0.3.5
composer	webreinvent/vaahcms	0.3.6
composer	webreinvent/vaahcms	0.3.7
composer	webreinvent/vaahcms	0.3.8
composer	webreinvent/vaahcms	0.3.9
composer	webreinvent/vaahcms	0.4.0
composer	webreinvent/vaahcms	0.4.3
composer	webreinvent/vaahcms	0.4.4
composer	webreinvent/vaahcms	1.0.0
composer	webreinvent/vaahcms	1.0.10
composer	webreinvent/vaahcms	1.0.11
composer	webreinvent/vaahcms	1.0.12
composer	webreinvent/vaahcms	1.0.13
composer	webreinvent/vaahcms	1.0.14
composer	webreinvent/vaahcms	1.0.15
composer	webreinvent/vaahcms	1.0.16
composer	webreinvent/vaahcms	1.0.1
composer	webreinvent/vaahcms	1.0.2
composer	webreinvent/vaahcms	1.0.3
composer	webreinvent/vaahcms	1.0.4
composer	webreinvent/vaahcms	1.0.5
composer	webreinvent/vaahcms	1.0.6

Ecosystem	Package	Version


composer	webreinvent/vaahcms	0.0.10
composer	webreinvent/vaahcms	0.0.2
composer	webreinvent/vaahcms	0.0.3
composer	webreinvent/vaahcms	0.0.5
composer	webreinvent/vaahcms	0.0.6
composer	webreinvent/vaahcms	0.0.8
composer	webreinvent/vaahcms	0.1.0
composer	webreinvent/vaahcms	0.1.1
composer	webreinvent/vaahcms	0.1.2
composer	webreinvent/vaahcms	0.1.3
composer	webreinvent/vaahcms	0.1.5
composer	webreinvent/vaahcms	0.1.6
composer	webreinvent/vaahcms	0.1.7
composer	webreinvent/vaahcms	0.1.8
composer	webreinvent/vaahcms	0.2.10
composer	webreinvent/vaahcms	0.2.11
composer	webreinvent/vaahcms	0.2.1
composer	webreinvent/vaahcms	0.2.2
composer	webreinvent/vaahcms	0.2.3
composer	webreinvent/vaahcms	0.2.4
composer	webreinvent/vaahcms	0.2.5
composer	webreinvent/vaahcms	0.2.6
composer	webreinvent/vaahcms	0.2.7
composer	webreinvent/vaahcms	0.2.8
composer	webreinvent/vaahcms	0.2.9
composer	webreinvent/vaahcms	0.3.0
composer	webreinvent/vaahcms	0.3.1
composer	webreinvent/vaahcms	0.3.2
composer	webreinvent/vaahcms	0.3.5
composer	webreinvent/vaahcms	0.3.6
composer	webreinvent/vaahcms	0.3.7
composer	webreinvent/vaahcms	0.3.8
composer	webreinvent/vaahcms	0.3.9
composer	webreinvent/vaahcms	0.4.0
composer	webreinvent/vaahcms	0.4.3
composer	webreinvent/vaahcms	0.4.4
composer	webreinvent/vaahcms	1.0.0
composer	webreinvent/vaahcms	1.0.10
composer	webreinvent/vaahcms	1.0.11
composer	webreinvent/vaahcms	1.0.12
composer	webreinvent/vaahcms	1.0.13
composer	webreinvent/vaahcms	1.0.14
composer	webreinvent/vaahcms	1.0.15
composer	webreinvent/vaahcms	1.0.16
composer	webreinvent/vaahcms	1.0.1
composer	webreinvent/vaahcms	1.0.2
composer	webreinvent/vaahcms	1.0.3
composer	webreinvent/vaahcms	1.0.4
composer	webreinvent/vaahcms	1.0.5
composer	webreinvent/vaahcms	1.0.6

Find vulnerabilities. Fix fast with AI.

CVE-2025-61183

CVE-2025-61183