CVE-2025-54790

Critical CVSS: 9.2

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10.

Vendor

Humhub

Product

Files

CWE

CWE-89

Yayın Tarihi

2025-08-02 00:15:26

Güncelleme

2025-09-12 16:32:36

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Files CRITICAL Humhub 2025

Referanslar

https://github.com/humhub/cfiles/pull/252 https://github.com/humhub/cfiles/releases/tag/v0.16.10 https://github.com/humhub/cfiles/security/advisories/GHSA-rfvq-g9rm-pgqj

Benzer Kayıtlar

Medium

CVE-2026-29048

HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identifi…

Medium

CVE-2026-29052

The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and ef…

High

CVE-2025-64442

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search fe…

Medium

CVE-2025-54789

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functi…