6 matches found
CVE-2025-63334
PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submitopacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execu...
CVE-2025-63334
PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submitopacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execu...
CVE-2025-63334
PocketVJ CP pvj version 3.9.1 is affected by an unauthenticated remote code execution in submit_opacity.php. The vulnerability is caused by failure to sanitize the opacityValue POST parameter, which is passed to a shell command, enabling remote attackers to execute arbitrary commands with root pr...
CVE-2025-63334
PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submitopacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execu...
CVE-2025-63334
PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submitopacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execu...
PT-2025-45161
Name of the Vulnerable Software and Affected Versions PocketVJ CP versions 3.9.1 Description The application does not properly sanitize user input in the opacityValue POST parameter before it is used in a shell command. This allows remote attackers to execute arbitrary commands with root privileg...