CVE-2025-52023
Modified Modified - Updated After Analysis

BaseFortify

Vulnerability report for CVE-2025-52023, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-23

Last updated on: 2026-07-05

Assigner: MITRE

Description

A vulnerability in the PHP backend of gemscms.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This occurs when specially crafted HTTP GET/POST requests are sent to public API endpoints, exposing potentially sensitive information useful for further exploitation. This issue is classified under CWE-209: Information Exposure Through an Error Message.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-23
Last Modified
2026-07-05
Generated
2026-07-06
AI Q&A
2026-01-23
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
aptsys gemscms_backend to 2025-05-28 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-209 The product generates an error message that includes sensitive information about its environment, users, or associated data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the PHP backend of gemscms.aptsys.com.sg and allows unauthenticated remote attackers to cause the system to generate detailed error messages. These error messages disclose internal file paths, code snippets, and stack traces when specially crafted HTTP GET or POST requests are sent to public API endpoints. This exposure of internal information can aid attackers in further exploiting the system.

Impact Analysis

The vulnerability can impact you by exposing sensitive internal information such as file paths, code snippets, and stack traces to unauthenticated attackers. This information disclosure can facilitate further attacks, potentially leading to unauthorized access, data breaches, or other security compromises.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-52023. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart