MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2025-63334

🚨 CRITICAL

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the op...

Published
Nov 05, 2025
Last Modified
Nov 06, 2025
Views
3
Bookmarks
0

Description

Request Expert Review

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execute arbitrary commands with root privileges on the underlying system.

CVSS Scores

CVSS 3.1 9.8
9.8
CRITICAL
CVSS 2.0 9.8

References

gist.github.com github.com

Additional Information

Source
cve@mitre.org
State
Awaiting analysis

Related CVEs

CVE-2025-13970

HIGH

OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of proper CSRF validation. This issue allows an unauthenti...

Score: 8.0

CVE-2025-14585

HIGH

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?pa...

Score: 7.3

CVE-2025-14584

HIGH

A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the componen...

Score: 7.3

CVE-2025-14583

HIGH

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing m...

Score: 7.3

CVE-2025-14582

MEDIUM

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=use...

Score: 4.7

CVE-2025-67750

HIGH

Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5...

Score: 8.4

Share CVE-2025-63334

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2025-63334 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis