CVE-2025-63334 | PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 POST Parameter submit_opacity.php opacityValue os command injection

Inserito da Angelo Barbosa | Nov 5, 2025 | CVE

A vulnerability categorized as critical has been discovered in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1. Affected by this issue is some unknown functionality of the file submit_opacity.php of the component POST Parameter Handler. The manipulation of the argument opacityValue results in os command injection.

This vulnerability is reported as CVE-2025-63334. The attack can be launched remotely. No exploit exists.

CVE-2025-63334 | PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 POST Parameter submit_opacity.php opacityValue os command injection

Post correlati

CVE-2018-9461 | Google Android ShareIntentActivity.java onAttachFragment race condition

CVE-2024-1463 | LearnPress Plugin up to 4.2.6.3 on WordPress cross site scripting

CVE-2025-8749 | Mobile Industrial Robots MiR Robots up to 2.x API Endpoint path traversal (EUVD-2025-23985)

CVE-2024-25979 | Moodle prior 4.3.3/4.1.9 Forum Search parameters