7 matches found
CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi and eval in the FunctionField.php...
CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi and eval in the FunctionField.php...
CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi and eval in the FunctionField.php...
CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi and eval in the FunctionField.php...
CVE-2025-63406
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi and eval in the FunctionField.php...
PT-2025-46893
Name of the Vulnerable Software and Affected Versions GroupOffice versions prior to 25.0.47 GroupOffice versions prior to 6.8.136 Description A flaw exists that allows a remote attacker to execute arbitrary code. This is possible through the dbToApi and eval functions within the FunctionField.php...
CVE-2025-63406
CVE-2025-63406 affects Intermesh BV GroupOffice prior to 25.0.47 and 6.8.136. The root cause is improper handling in FunctionField.php (dbToApi() and eval()) that can enable remote code execution. A PoC/PoC-like content exists in linked GitHub repositories; remediation is to upgrade GroupOffice t...