Security Advisory

CVE-2025-30091

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-25 00:00:00

Last updated 2025-03-25 14:35:59

Assigner mitre

State PUBLISHED

Description

In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. Attacker-controlled data to InstallCommand can be inserted into config.php, and InstallCommand is available after an installation has completed.

← Browse all CVEs View on cve.org ↗