VYPR

PocketVJ-CP-v3

by Magdesign

CVEs (1)

  • CVE-2025-63334CriNov 5, 2025
    risk 0.64cvss 9.8epss 0.01

    PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote…