cve/CVE-2025-31134.md at b99156590a6b0c1cf0b374aa41887d37143570c8

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server and potentially use that information to further attack the server. Version 1.26.2 contains a patch for the issue.

POC

Reference

https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-jjm2-4hf7-9x65

Github

https://github.com/seyrenus/trace-release

1008 B Raw Blame History

CVE-2025-31134

Description

POC

Reference

Github

1008 B

Raw Blame History