Critical severity9.9NVD Advisory· Published Jun 27, 2025· Updated Apr 15, 2026

CVE-2025-52207

Description

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory.

3ee785429d3f

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

No linked articles in our index yet.