CVE-2025-8518

MEDIUM

Vvveb 1.0.5 - Remote Code Execution in Code Editor Save Function

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-8518. PoCs published by maestro-ant, Maksim Rogov, Hamed Kohi, including Metasploit module exploits/multi/http/vvveb_auth_rce_cve_2025_8518.

Description

A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.

Exploits (2)

nomisec WRITEUP
by maestro-ant · poc
https://github.com/maestro-ant/Vvveb-CMS-CVE-2025-8518

This repository provides detailed deployment instructions for setting up a vulnerable environment of Vvveb CMS 1.0.5 to demonstrate CVE-2025-8518, an authenticated RCE vulnerability. It includes steps for Docker setup, configuration modifications, and launching the application but lacks actual exploit code.

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Vvveb CMS 1.0.5
Auth required
Prerequisites: Docker · Docker Compose · authenticated user with template editing privileges
devstral-2 · analyzed Feb 18, 2026

metasploit WORKING POC EXCELLENT
by Maksim Rogov, Hamed Kohi · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vvveb_auth_rce_cve_2025_8518.rb

This Metasploit module exploits an authenticated remote code execution vulnerability in Vvveb CMS (CVE-2025-8518) by injecting malicious PHP code into theme files via the Code Editor functionality. The exploit authenticates, identifies the active theme, modifies the theme file with a PHP payload, and triggers execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Vvveb CMS up to and including 1.0.5
Auth required
Prerequisites: Valid credentials for Vvveb CMS · Access to the Code Editor functionality
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory, VDB Entry vdb-entry technical-description
https://vuldb.com/?id.318644
Permissions Required, VDB Entry signature permissions-required
https://vuldb.com/?ctiid.318644
Third Party Advisory, VDB Entry third-party-advisory
https://vuldb.com/?submit.624971
Exploit, Third Party Advisory related
https://hkohi.ca/vulnerability/8

Scores

CVSS v3: 4.7
EPSS: 0.0135
EPSS Percentile: 67.8%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-74, CWE-94
Status: published
Products (1): vvveb/vvveb 1.0.5
Published: Aug 04, 2025
Tracked Since: Feb 18, 2026