What is the CVSS score of CVE-2025-69559?

CVE-2025-69559 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of PHP are affected by CVE-2025-69559?

Computer Book Store versions up to 1.0 contains a critical file upload vulnerability (CVE-2025-69559) that allows attackers to upload and execute arbitrary code on affected systems.

Is there a public PoC exploit available for CVE-2025-69559?

Yes, a public proof-of-concept exploit is available for CVE-2025-69559. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-69559?

Within 24 hours: Identify all instances of Computer Book Store version 1.0 or earlier in the environment and isolate affected systems from production networks if possible. Within 7 days: Implement compensating controls including file upload restrictions, WAF rules blocking suspicious upload patterns, and enhanced monitoring for suspicious file access. Within 30 days: Evaluate alternative solutions or contact the vendor for patched versions; establish a plan to migrate away from the affected software if no patch timeline is provided.