CVE-2025-8518

HIGH

CVSS v3

7.2

HIGH

EPSS Score

16.7%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.

Technical Details

Published
8/4/2025

Frequently Asked Questions

What is CVE-2025-8518?

A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.

Is CVE-2025-8518 actively exploited?

Active exploitation of CVE-2025-8518 has not been confirmed. The EPSS score is 16.7%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-8518?

CVE-2025-8518 has a CVSS v3 base score of 7.2 (HIGH severity).

Is CVE-2025-8518 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.