CVE-2025-67325
Unknown Unknown - Not Provided

Unrestricted File Upload in QloApps Enables Remote Code Execution

Vulnerability report for CVE-2025-67325, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-08

Last updated on: 2026-01-08

Assigner: MITRE

Description

Unrestricted file upload in the hotel review feature in QloApps versions 1.7.0 and earlier allows remote unauthenticated attackers to achieve remote code execution.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-08
Last Modified
2026-01-08
Generated
2026-07-06
AI Q&A
2026-01-08
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
qloapps qloapps to 1.7.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an unrestricted file upload flaw in the hotel review feature of QloApps versions 1.7.0 and earlier. It allows remote unauthenticated attackers to upload malicious files, such as a PHP web shell, without any file extension validation or authentication. Once uploaded, these files can be executed by the server, enabling attackers to run arbitrary operating system commands remotely. [2]

Impact Analysis

Exploitation of this vulnerability can lead to remote code execution on the hosting server, allowing attackers to read, write, or delete sensitive files, access database credentials, pivot to internal network services, and fully compromise the server. This results in a complete loss of confidentiality, integrity, and availability of the affected system. [2]

Detection Guidance

This vulnerability can be detected by checking for the presence of uploaded PHP files in the hotel review upload directories, specifically under paths like /modules/qlohotelreview/views/img/review/<id_order>/1.php. You can scan your web server directories for unexpected PHP files in these locations. Additionally, monitoring HTTP requests to the endpoint /module/qlohotelreview/default for suspicious file upload activity or unusual POST requests can help detect exploitation attempts. Commands to detect such files might include: 1) Using find command on the server to locate PHP files in the review upload directory, e.g., `find /path/to/qloapps/modules/qlohotelreview/views/img/review/ -name '*.php'` 2) Using web server logs to grep for POST requests to /module/qlohotelreview/default, e.g., `grep '/module/qlohotelreview/default' /var/log/apache2/access.log` or equivalent. 3) Checking for unusual files or web shells by listing files in the upload directories. These steps help identify if malicious files have been uploaded and accessed. [2]

Mitigation Strategies

Immediate mitigation steps include: 1) Restrict or disable the file upload functionality in the hotel review feature until a patch or update is applied. 2) Implement server-side validation to restrict allowed file types and prevent uploading executable files such as PHP scripts. 3) Remove any suspicious or unknown PHP files found in the review upload directories. 4) Apply access controls to prevent direct execution of uploaded files, such as disabling execution permissions in the upload directories via web server configuration (e.g., using .htaccess to deny PHP execution). 5) Update QloApps to a version later than 1.7.0 once a patch is released. 6) Monitor logs for suspicious activity related to the vulnerable endpoint. These steps help prevent exploitation and limit damage from existing compromises. [2]

Compliance Impact

This vulnerability leads to a complete loss of confidentiality, integrity, and availability of the hosting server, which can result in unauthorized access to sensitive data. Such a compromise can negatively impact compliance with standards and regulations like GDPR and HIPAA that require protection of personal and sensitive information. However, specific impacts on compliance are not detailed in the provided resources. [2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67325. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart