QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-4377

Back to search

CVE-2025-4377

Published: May 9, 2025

Modified: May 9, 2025

PUBLISHED

Description

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.  Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pro Cloud Server: earlier than 6.0.165.

VendorProductVersions

Sparx Systems

Pro Cloud Server

affected
0 - <= 6.0.163
unaffected
6.0.165

Weaknesses (CWE)

CWE-22
CWE-20

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now