CVE-2025-12203
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-27

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. This patch is called b0fa7ff74a3539c6d37000db152caad572e4c39b. Applying a patch is advised to resolve this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-27
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-10-27
EPSS Evaluated
2026-06-15
NVD
CVE-2025-12203
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
vvveb vvveb to 1.0.7.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-12203 is a vulnerability in the Vvveb CMS version 1.0.7.3, specifically in the sanitizeFileName function used by the code editor component. The function attempts to prevent path traversal attacks by filtering out sequences like "..", but it fails to properly handle null byte (%00) injection. An authenticated attacker can exploit this by inserting null bytes into the file parameter, bypassing the filter and accessing arbitrary files on the server outside the intended directory. This allows unauthorized reading of files, posing a significant security risk. [1, 2]

Impact Analysis

This vulnerability can allow an authenticated attacker to read arbitrary files on the server, including sensitive configuration files or data that should be protected. This unauthorized file disclosure can lead to leakage of confidential information, potentially enabling further attacks or compromising the security and privacy of the system and its users. [1]

Detection Guidance

This vulnerability can be detected by attempting to exploit the path traversal via the 'file' parameter in the code editor's loadFile action, specifically by sending authenticated GET requests with crafted file parameters containing null byte (%00) injections to bypass sanitization. For example, using curl to send a request like: curl -u admin:password 'http://your-vvveb-site/admin/controller/editor/code.php?action=loadFile&file=.%00./.%00./.%00./test.txt' and observing if files outside the intended directory are accessible. Monitoring logs for such suspicious requests or unexpected file access attempts can also help detect exploitation attempts. [1]

Mitigation Strategies

The immediate step to mitigate this vulnerability is to apply the patch identified by commit b0fa7ff74a3539c6d37000db152caad572e4c39b, which fixes the sanitizeFileName function to properly handle and neutralize null byte characters, preventing exploitation. Additionally, restrict access to the code editor functionality to trusted administrators and monitor for suspicious activity until the patch is applied. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12203. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart