Back to Explorer

CVE-2025-15405

PUBLISHED
1/1/2026 1af790b2-7ee1-4545-860a-a788eba489b5

Technical Description

A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely.

Affected Products

n/a
PHPEMS
11.0

References

https://vuldb.com/?id.339325
VDB-339325 | PHPEMS cross-site request forgery
https://vuldb.com/?ctiid.339325
VDB-339325 | CTI Indicators (IOB, IOC)
https://vuldb.com/?submit.728314
Submit #728314 | PHPEMS <=11.0 Cross-Site Request Forgery
https://byebydoggy.github.io/post/2025/1231-phpems-csrf-poc/
External Link

Impact Analysis

Attack Vector Network
Attack Complexity Low
Privileges Required None