CVE-2025-52207 - CERT CVE

  1. CVE-2025-52207

ID CVE-2025-52207
Sažetak PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory.
Reference
CVSS
Base: 9.9
Impact: 6.0
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Zadnje važnije ažuriranje 30-06-2025 - 18:38
Objavljeno 27-06-2025 - 17:15