CVE-2024-25415

HIGH

CE Phoenix 1.0.8.20 - Remote Code Execution via define_language.php

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-25415, a PoC published by tmrswrr.

AI-analyzed exploit summary: This exploit targets CE Phoenix v1.0.8.20, leveraging an authenticated file-write flaw in the language definition feature (the admin language editor) to achieve remote code execution. It logs in as an admin, saves PHP code into a language file through that editor, and then executes arbitrary commands on the server.

Description

A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows an attacker holding admin credentials to execute arbitrary PHP code by saving a crafted payload into the language file english.php. The language editor writes the submitted content into a PHP file that the application includes on later requests, so any PHP injected into it runs server-side with the web server's privileges (CWE-94, code injection). The precondition is a valid admin account or session (CVSS PR:H), so a hit on this vulnerability also means admin credentials were compromised or a trusted admin went rogue.
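As an added example (not code from this page, from the exploit-db PoC or from the CE Phoenix project), the Python below implements the two checks a responder would want on a suspected instance: it scans a language file for any statement that is not a plain define(), and it flags POSTs to /admin/define_language.php in web server access logs. It assumes that a legitimate CE Phoenix language file consists only of define() calls and comments, that the admin directory keeps its default /admin/ name, and that the server writes combined-format access logs; the sample file contents and log lines are constructed for the demonstration and do not reproduce the PoC's request.

```python
"""Triage helpers for a suspected CVE-2024-25415 compromise.

Added example, not code from this page, the exploit-db PoC or the CE
Phoenix project. Assumptions: a legitimate CE Phoenix language file
(english.php) contains only define() statements and comments, and the
admin directory has its default /admin/ name. The sample file contents
and access-log lines below are constructed for the demonstration.
"""
import re
from typing import Dict, List

# One pass over the PHP source that blanks comments and string literals;
# the leftmost match wins, so an apostrophe inside a comment or a '//'
# inside a URL string cannot derail the parse.
TOKEN_RE = re.compile(
    r"/\*.*?\*/|//[^\n]*|#[^\n]*"                # comments
    r"|'(?:\\.|[^'\\])*'|\"(?:\\.|[^\"\\])*\"",  # strings
    re.S,
)
TAG_RE = re.compile(r"<\?php|<\?=|<\?|\?>")
# define('NAME', value) whose value contains no parentheses, i.e. no call.
DEFINE_RE = re.compile(r"define\s*\(\s*''\s*,\s*[^()]*\)")
# Tokens that never belong in a translation file.
DANGEROUS_RE = re.compile(
    r"\b(?:eval|assert|system|exec|shell_exec|passthru|popen|proc_open"
    r"|base64_decode|gzinflate|create_function|file_put_contents"
    r"|include|require)\b|\$_(?:GET|POST|REQUEST|COOKIE)\b|`",
    re.I,
)


def _blank(match) -> str:
    tok = match.group(0)
    return "''" if tok[0] in "'\"" else ""


def scan_language_file(src: str) -> List[str]:
    """Return one finding per statement that is not a plain define().
    An empty list means the file looks like an untouched language file."""
    code = TAG_RE.sub("", TOKEN_RE.sub(_blank, src))
    findings = []
    for stmt in code.split(";"):          # safe: ';' inside strings is gone
        stmt = " ".join(stmt.split())     # collapse newlines and indentation
        if not stmt or DEFINE_RE.fullmatch(stmt):
            continue
        hit = DANGEROUS_RE.search(stmt)
        reason = f"dangerous token {hit.group(0)}" if hit else "non-define statement"
        findings.append(f"{reason}: {stmt[:80]}")
    return findings


LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def find_language_editor_posts(log_lines: List[str]) -> List[Dict[str, str]]:
    """Every POST to the language editor is a potential file write; each
    hit should map to a known, approved admin change."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, when, method, target, status = m.groups()
        path = target.split("?", 1)[0]
        if method == "POST" and path.endswith("/admin/define_language.php"):
            hits.append({"ip": ip, "time": when, "status": status})
    return hits


# Constructed sample: a clean language file in the osCommerce/Phoenix style.
CLEAN = """<?php
/*
  english.php - sample language file (constructed); don't edit by hand
*/
define('TITLE', 'Welcome');
define('TEXT_CART', 'Cart contents; 3 items');   // ';' inside a string
define('TEXT_GREETING', 'Hello ' . "there");
define('TEXT_MULTI', 'line one
line two');
?>
"""
# Constructed: the same file after a payload was saved through the editor.
INJECTED = CLEAN + "<?php system($_GET['cmd']); ?>\n"

# Constructed combined-format access log lines.
SAMPLE_LOG = [
    '203.0.113.5 - - [16/Feb/2024:10:01:02 +0000] "GET /admin/login.php HTTP/1.1" 200 2311',
    '203.0.113.5 - - [16/Feb/2024:10:01:09 +0000] "POST /admin/login.php HTTP/1.1" 302 0',
    '203.0.113.5 - - [16/Feb/2024:10:01:15 +0000] "GET /admin/define_language.php HTTP/1.1" 200 4400',
    '203.0.113.5 - - [16/Feb/2024:10:01:31 +0000] "POST /admin/define_language.php HTTP/1.1" 302 0',
    '198.51.100.7 - - [16/Feb/2024:10:05:44 +0000] "GET /index.php HTTP/1.1" 200 9012',
]

if __name__ == "__main__":
    print("clean:", scan_language_file(CLEAN))          # []
    print("injected:", scan_language_file(INJECTED))    # one 'system' finding
    print("editor POSTs:", find_language_editor_posts(SAMPLE_LOG))
```

Run scan_language_file over every PHP file the language editor can write (under the shop's language directory, path assumed here), not just english.php, since the editor is not limited to one file. Until the instance is patched, making those files read-only for the web server account turns the editor's write into a failure for the PoC and for admins alike; and because exploitation requires an admin session, any confirmed finding should be paired with a review of admin logins and a credential reset.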

Exploits (1)

exploitdb WORKING POC
by tmrswrr · python · webapps · php
https://www.exploit-db.com/exploits/51957

Classification
Working PoC (95% confidence)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: CE Phoenix v1.0.8.20
Auth required: yes
Prerequisites: Valid admin credentials · Access to the admin panel
Analyzed by devstral-2 on Feb 16, 2026

Scores

CVSS v3.1 7.2 (HIGH)
EPSS 0.2724 (27.2% estimated probability of exploitation activity in the next 30 days)
EPSS Percentile 97.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: PoC
Automatable: no
Technical Impact: total

Details

CWE
CWE-94 (Improper Control of Generation of Code, "Code Injection")
Status published
Products (1)
phoenixcart/ce_phoenix_cart 1.0.8.20
Published Feb 16, 2024
Tracked Since Feb 18, 2026