CVE-2024-25181

Published: Dec 29, 2025

Modified: Dec 30, 2025

PUBLISHED

Description

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/joaoviictorti/69cbae23d98fb9a1a4b3eee0c305c7de

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-25181

Description

Affected Products

References