CVE-2019-25647
HIGH
PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager
Title source: cna
Description
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them to establish reverse shell connections and execute system commands.
Exploits (1)
exploitdb
WORKING POC
by Metin Yunus Kandemir · python · remote · python
https://www.exploit-db.com/exploits/46645
Scores
CVSS v3
8.8
EPSS
0.0029
EPSS Percentile
52.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (2)
Phreesoft/PhreeBooks ERP
5.2.3
phreesoft/phreebookserp
5.2.3
Published
Mar 24, 2026
Tracked Since
Mar 24, 2026