CVE-2025-67004

Published: Jan 9, 2026

Modified: Jan 23, 2026

PUBLISHED

Description

** Disputed ** An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is not a CouchCMS vulnerability and that if /\<file> is accessible it is a web-server configuration issue.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.couchcms.com/

https://github.com/CouchCMS/CouchCMS

https://gist.github.com/thepiyushkumarshukla/d01f8004c43692f18c75548f4739955a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-67004

Description

Affected Products

References