CVE-2025-58048
BaseFortify

Publication date: 2025-08-28

Last updated on: 2025-08-29

Assigner: GitHub, Inc.

Description
Paymenter is a free and open-source webshop solution for hosting providers. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. This could result in sensitive data being extracted from the database, credentials being read from configuration files, and arbitrary system commands being run under the web server user context. This vulnerability was patched by commit 87c3db4 and released under the version 1.2.11 tag, with no other code changes compared to version 1.2.10. If upgrading is not immediately possible, administrators can mitigate this vulnerability with one or both of the following measures: updating the nginx configuration to serve attachments as downloads instead of executing them, or disallowing access to /storage/ entirely using a WAF such as Cloudflare.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-08-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
paymenter | paymenter | 1.2.11
CWE ID | Description
CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-58048 is a critical vulnerability in the Paymenter webshop solution that allows a malicious authenticated user to upload arbitrary files via the ticket attachments functionality. This flaw enables attackers to execute arbitrary system commands on the server under the web server user context, extract sensitive data from the database, and read credentials from configuration files. The vulnerability exists in versions prior to 1.2.11 and was fixed by disabling file uploads and image uploads in ticket-related components. [2, 3]


How can this vulnerability impact me?

Exploiting this vulnerability can lead to severe impacts including remote code execution on the server, unauthorized extraction of sensitive data such as customer information, and exposure of credentials stored in configuration files. Attackers can run arbitrary system commands with the privileges of the web server user, potentially compromising the entire system and its data. [3]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability can negatively impact compliance with standards like GDPR and HIPAA because it allows unauthorized access to sensitive personal and confidential data. The extraction of sensitive customer information and credentials could lead to data breaches, violating data protection and privacy regulations that require safeguarding personal data against unauthorized access and disclosure. [3]


What immediate steps should I take to mitigate this vulnerability?

To mitigate CVE-2025-58048 immediately, you should either upgrade Paymenter to version 1.2.11 or later, which contains the full fix, or apply one or more of the following mitigations: 1) Update your nginx configuration to serve attachments as downloads instead of executing them by using the provided configuration snippet that disables content execution in the /storage/ directory; 2) Block access to the /storage/ directory entirely using a Web Application Firewall (WAF) such as Cloudflare. These steps reduce the risk of exploitation until you can upgrade. [3]
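The nginx mitigation referred to above, written out as an added example; this is not the snippet the Paymenter maintainers provided (the page does not reproduce it). It assumes the common Laravel layout, where nginx's root is Paymenter's public/ directory, attachments are reached under /storage/, and PHP is otherwise handled by a regex location such as `location ~ \.php$`.

```nginx
# Added example (not the Paymenter project's own configuration). Assumes the
# server root is Paymenter's public/ directory and uploads are exposed under
# /storage/ via the usual Laravel storage symlink.
#
# Measure 1 from the advisory: serve everything under /storage/ as a download.
# "^~" is a prefix match that stops nginx from consulting regex locations, so
# a later "location ~ \.php$ { fastcgi_pass ...; }" never receives these
# requests, and an uploaded .php/.phtml/.phar file is returned as opaque bytes
# instead of being executed by PHP-FPM.
location ^~ /storage/ {
    types { }                                            # drop extension-based MIME mapping
    default_type application/octet-stream;               # every attachment is an opaque blob
    add_header Content-Disposition "attachment" always;  # browsers save, never render
    add_header X-Content-Type-Options "nosniff" always;  # no content sniffing into HTML/JS
    try_files $uri =404;                                 # static file or 404; no index, no PHP
}

# Measure 2 from the advisory, for sites that can live without attachments
# until they upgrade: refuse every request under /storage/ at the web server,
# equivalent to the WAF rule the advisory suggests.
# location ^~ /storage/ {
#     return 403;
# }
```

Because add_header directives in a location replace those inherited from the server block, repeat any site-wide security headers inside this location, and confirm with a request for a known attachment path that the response carries Content-Disposition: attachment before relying on it.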

