CVE-2025-15244

CVSS v3.1

3.7

Low

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions PHPEMS versions prior to 11.1

Description A flaw exists in PHPEMS related to the Purchase Request Handler component. This issue results in a race condition that can be triggered remotely. Exploitation requires a high level of complexity and is considered difficult. The details of the exploit have been publicly disclosed.

Recommendations Update PHPEMS to version 11.1 or later.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2025-15244

Affected Products

Phpems

CVE-2025-15244

Weakness Enumeration

Related Identifiers

Affected Products

References · 8