CVE-2025-31131

YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2.

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989	Patch
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:yeswiki:yeswiki:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-04-01 15:16

Updated : 2025-05-09 14:04

NVD link : CVE-2025-31131

Mitre link : CVE-2025-31131

CVE.ORG link : CVE-2025-31131

JSON object : View

Products Affected

yeswiki

yeswiki

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2025-31131", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-04-01T15:16:07.790", "references": [{"url": "https://github.com/YesWiki/yeswiki/commit/f78c915369a60c74ab8f38561ae93a4aaca9b989", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/YesWiki/yeswiki/security/advisories/GHSA-w34w-fvp3-68xm", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. This vulnerability is fixed in 4.5.2."}, {"lang": "es", "value": "YesWiki es un sistema wiki escrito en PHP. El par\u00e1metro squelette es vulnerable a ataques de Path Traversal, lo que permite el acceso de lectura a archivos arbitrarios en el servidor. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 4.5.2."}], "lastModified": "2025-05-09T14:04:06.663", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yeswiki:yeswiki:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31021541-CDEA-40ED-A950-1B27A5EC2105", "versionEndExcluding": "4.5.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}