Skip to main content

Rhymix

2 CVEs product

Monthly

CVE-2025-45242 HIGH This Week

Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure PHP Rhymix
NVD GitHub
CVSS 3.1
7.7
EPSS
0.4%
CVE-2024-55089 MEDIUM This Month

Rhymix before 2.1.24 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function because XML documents may contain external entities. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Rhymix
NVD GitHub
CVSS 3.1
4.1
EPSS
0.2%
EPSS 0% CVSS 7.7
HIGH This Week

Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure PHP Rhymix
NVD GitHub
EPSS 0% CVSS 4.1
MEDIUM This Month

Rhymix before 2.1.24 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function because XML documents may contain external entities. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Rhymix
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy