What is CVE-2019-25574?

CVE-2019-25574 is a medium-severity vulnerability in Greencms Green Cms, classified under Path Traversal. CVSS score: 6.5/10. Published 2026-03-21.

How severe is CVE-2019-25574?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Path Traversal in Greencms Green Cms

CVE-2019-25574

Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the them…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.015 (81.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Greencms Green Cms — versions 2.0

Weakness classification (CWE)

CWE-22 — Path Traversal

References

ExploitDB-46245 (exploit)
Official Product Homepage (product)
Product Reference (product)
VulnCheck Advisory: Green CMS 2.x Path Traversal Arbitrary File Download (third-party-advisory)

Frequently asked questions

What is CVE-2019-25574?: CVE-2019-25574 is a medium-severity vulnerability in Greencms Green Cms, classified under Path Traversal. CVSS score: 6.5/10. Published 2026-03-21.
How severe is CVE-2019-25574?: Medium severity. CVSS v3 base score is 6.5 out of 10.