exploitDog

GHSA-gwjg-r9g6-4q23

Опубликовано: 15 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.2

Описание

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

Ссылки

EPSS

Процентиль: 26%

0.00091

Низкий

9.2 Critical

CVSS4

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2025-54473

nvd

6 месяцев назад

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

EPSS

Процентиль: 26%

0.00091

Низкий

9.2 Critical

CVSS4

CVE ID

Дефекты

CWE-434