Code Injection Vulnerability in MuYuCMS Template Management Component
CVE-2025-10993

5.1MEDIUM

Key Information:

Vendor: MuYuCMS
Status: Muyucms
Vendor: CVE Published:; 26 September 2025

🔔 Create MuYuCMS Vulnerability Alert

What is CVE-2025-10993?

A security flaw identified in MuYuCMS up to version 2.7 pertains to the Template Management component, specifically within the /admin.php file. This vulnerability allows for remote code injection due to improper handling of user input. Attackers can exploit this flaw to execute arbitrary code, potentially compromising the integrity and security of the entire system.

Affected Version(s)

MuYuCMS 2.0

MuYuCMS 2.1

MuYuCMS 2.2

References

https://vuldb.com/?id.325921

https://vuldb.com/?ctiid.325921

signaturepermissions-required

https://vuldb.com/?submit.654014

third-party-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2025
Vulnerability Reserved
Sep 25, 2025

Credit

Eurekya (VulDB User)

.

CVE-2025-10993 : Code Injection Vulnerability in MuYuCMS Template Management Component