Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Nuclei
Nucleiadded yesterday9 views

MikoPBX - Unrestricted File Upload

MikoPBX through 2024.1.114 contains an authenticated unrestricted file upload vulnerability caused by allowing PHP script uploads in PBXCoreREST/Controllers/Files/PostController.php. id: CVE-2025-52207 info: name: MikoPBX - Unrestricted File Upload author: darses severity: critical description: |...

9.9CVSS5.4AI score0.0987EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/06/29 12:6 a.m.5 views

CVE-2025-52207

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS6.6AI score0.0987EPSS
Exploits0References1
Snyk
Snykadded 2025/06/27 5:43 p.m.1 views

Relative Path Traversal

Overview mikopbx/core is a Free PBX system for SMB based on Asterisk Affected versions of this package are vulnerable to Relative Path Traversal via the PostController.php process. An attacker can execute arbitrary code and access sensitive files by uploading a crafted PHP script to an arbitrary...

9.9CVSS6.3AI score0.0987EPSS
Exploits0References2
NVD
NVDadded 2025/06/27 5:15 p.m.2 views

CVE-2025-52207

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS0.0987EPSS
Exploits0References2
OSV
OSVadded 2025/06/27 5:15 p.m.3 views

CVE-2025-52207

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS7.2AI score
Exploits0References2
CNNVD
CNNVDadded 2025/06/27 12:0 a.m.2 views

MIKO MikoPBX 安全漏洞

MIKO MikoPBX is an open source graphical user interface from MIKO. A security vulnerability exists in MIKO MikoPBX version 2024.1.114 and earlier, which stems from a vulnerability that allows uploading PHP scripts to arbitrary directories...

9.9CVSS6.6AI score0.0987EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/06/27 12:0 a.m.5 views

CVE-2025-52207

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS0.0987EPSS
Exploits0References2
EUVD
EUVDadded 2025/06/27 12:0 a.m.2 views

EUVD-2025-19422

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS7.2AI score0.0987EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/06/27 12:0 a.m.2 views

PT-2025-27246 · Mikopbx · Mikopbx

Name of the Vulnerable Software and Affected Versions: MikoPBX versions through 2024.1.114 Description: The issue allows uploading a PHP script to an arbitrary directory due to a problem in the PBXCoreREST/Controllers/Files/PostController.php file. Recommendations: For MikoPBX versions through...

9.9CVSS7.4AI score0.0987EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2025/06/27 12:0 a.m.2 views

CVE-2025-52207

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory...

9.9CVSS7.2AI score0.0987EPSS
Exploits0References2
CVE
CVEadded 2025/06/27 12:0 a.m.26 views

CVE-2025-52207

Summary: CVE-2025-52207 affects MikoPBX (MikoPBX/core) up to version 2024.1.114, where PBXCoreREST/Controllers/Files/PostController.php permits uploading a PHP script to an arbitrary directory. Impact (as stated): authenticated users can upload and execute arbitrary PHP, enabling remote code exec...

9.9CVSS7.2AI score0.0987EPSS
In wildExploits0References2
Rows per page
Query Builder