{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25630", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-24T11:01:20.165Z", "datePublished": "2026-03-24T11:27:04.730Z", "dateUpdated": "2026-03-26T16:15:53.724Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-26T16:15:53.724Z"}, "title": "PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-434", "description": "CWE-434 Unrestricted upload of file with dangerous type", "type": "CWE"}]}], "affected": [{"vendor": "Phreesoft", "product": "PhreeBooks ERP", "versions": [{"status": "affected", "version": "5.2.3"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manager endpoint and execute them via the bizunoFS.php script for remote code execution.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manager endpoint and execute them via the bizunoFS.php script for remote code execution.</p>"}]}], "references": [{"url": "https://www.exploit-db.com/exploits/46644", "name": "ExploitDB-46644", "tags": ["exploit"]}, {"url": "https://www.phreesoft.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://sourceforge.net/projects/phreebooks/files/latest/download", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/phreebooks-erp-arbitrary-file-upload-via-image-manager", "name": "VulnCheck Advisory: PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.7, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Abdullah \u00c7elebi", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T17:53:13.941891Z", "id": "CVE-2019-25630", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T17:53:20.707Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25630", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-24T17:53:13.941891Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T17:53:17.591Z"}}], "cna": {"title": "PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Abdullah \u00c7elebi"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Phreesoft", "product": "PhreeBooks ERP", "versions": [{"status": "affected", "version": "5.2.3"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.exploit-db.com/exploits/46644", "name": "ExploitDB-46644", "tags": ["exploit"]}, {"url": "https://www.phreesoft.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://sourceforge.net/projects/phreebooks/files/latest/download", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/phreebooks-erp-arbitrary-file-upload-via-image-manager", "name": "VulnCheck Advisory: PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manager endpoint and execute them via the bizunoFS.php script for remote code execution.", "supportingMedia": [{"type": "text/html", "value": "<p>PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manager endpoint and execute them via the bizunoFS.php script for remote code execution.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted upload of file with dangerous type"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-26T16:15:53.724Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25630", "state": "PUBLISHED", "dateUpdated": "2026-03-26T16:15:53.724Z", "dateReserved": "2026-03-24T11:01:20.165Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-24T11:27:04.730Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phreesoft:phreebookserp:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "306CC447-F5DC-4C8D-AEBF-75137C0DF174", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the bizuno/image/manager endpoint and execute them via the bizunoFS.php script for remote code execution."}], "id": "CVE-2019-25630", "lastModified": "2026-03-26T17:16:26.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-24T12:16:03.200", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://sourceforge.net/projects/phreebooks/files/latest/download"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46644"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.phreesoft.com/"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/phreebooks-erp-arbitrary-file-upload-via-image-manager"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "disclosure@vulncheck.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "5.2.3"}}], "enrichment": {"confidence": 98.0, "confidence_source": "matching", "scores": [{"score": 98.0, "source": "matching"}]}, "original": {"product": "PhreeBooks ERP", "source": "cna", "vendor": "Phreesoft"}, "product": "phreebookserp", "vendor": "phreesoft"}], "analysis": {"en": {"generated_at": "2026-03-26T19:00:20.788790+00:00", "value": {"mitigation_remediation": ["Check Phreesoft\u2019s website or support channels for a patch or updated version that fixes the arbitrary file upload flaw.", "Upgrade PhreeBooks ERP to a version newer than\u202f5.2.3 once a patch is available.", "If an immediate upgrade is not possible, disable or restrict the bizuno/image/manager endpoint so that only allowed file types are accepted, and configure the server to reject PHP uploads.", "Monitor the upload logs for suspicious activity and enforce strict file\u2011type validation and permission settings as an additional safeguard."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Phreesoft PhreeBooks ERP version\u202f5.2.3 is affected. The vulnerability resides in the image upload endpoint (bizuno/image/manager) of this product.", "description_and_impact": "An authenticated user can upload arbitrary files through the image manager component of PhreeBooks ERP 5.2.3. The flaw allows malicious PHP scripts to be stored via the imgFile parameter and subsequently executed by the bizunoFS.php handler, enabling attackers to run arbitrary code on the server. This corresponds to CWE\u2011434 and directly compromises confidentiality, integrity, and availability of the affected system.", "risk_and_exploitability": "The CVSS base score of 8.7 indicates high severity, while the EPSS score below 1\u202f% suggests low current exploitation activity. The vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires valid user credentials, so the attack vector is internal with authenticated users. Once triggered, the flaw can give an attacker full remote code execution capabilities on the host running the application."}}}}, "created": "2026-03-25T11:48:44.559702+00:00", "updated": "2026-03-27T09:21:11.184106+00:00", "vendors": ["phreesoft", "phreesoft$PRODUCT$phreebookserp"]}