CVE-2025-52207
Published
CVSS v3
9.9
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory.
MikoPBX — free open-source PBX for small business, built on Asterisk 22, PHP 8.4, and Phalcon 5. Deploy as ISO, Docker, LXC, or in the cloud.
GitHub