4 matches found
CVE-2025-22152
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...
CVE-2025-22152
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...
CVE-2025-22152
Atheos (self-hosted browser-based cloud IDE) contains path traversal/file-include style vulnerabilities in multiple PHP files where the $path and $target parameters are not properly validated prior to v600. This allows an attacker to read, modify, or execute arbitrary files on the server. The iss...
CVE-2025-22152 Improper Path Validation Enables Path Traversal in Multiple Components in Atheos
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execute arbitrary files on the server. These vulnerabilities can be exploited through various attack...