VYPR
Unrated severityOSV Advisory· Published Dec 29, 2025· Updated Dec 30, 2025

CVE-2024-25181

CVE-2024-25181

Description

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Givanz/VvvebjsOSV2 versions
    1.2, 1.2.2, 1.4, …+ 1 more
    • (no CPE)range: 1.2, 1.2.2, 1.4, …
    • (no CPE)range: =1.7.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.