CVE-2025-12203 | givanz Vvveb up to 1.0.7.3 Code Editor system/functions.php sanitizeFileName File path traversal (Issue 333)

Inserito da Angelo Barbosa | Ott 25, 2025 | CVE

A vulnerability was found in givanz Vvveb up to 1.0.7.3 and classified as critical. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing manipulation of the argument File can lead to path traversal.

This vulnerability is tracked as CVE-2025-12203. The attack can be launched remotely. Moreover, an exploit is present.

Applying a patch is advised to resolve this issue.

CVE-2025-12203 | givanz Vvveb up to 1.0.7.3 Code Editor system/functions.php sanitizeFileName File path traversal (Issue 333)

Post correlati

CVE-2024-26814 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2 request_irq infinite loop

Trend Micro Apex One origin validation (ZDI-23-1617)

CVE-2025-11647 | Tomofun Furbo 360/Furbo Mini GATT Service DeviceToken information disclosure

CVE-2025-0937 | HashiCorp Nomad/Nomad Enterprise up to 1.9.5 ACL Policy authorization