How to fix EUVD-2025-19468?

Within 30 days: Identify affected systems running Conjure Position Department Service Quality Evaluation Syste and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is PHP affected by EUVD-2025-19468?

Organizations using Conjure Position Department Service Quality Evaluation System should be aware of moderate risk from CVE-2025-6839 rated CVSS 6.3. Exploitation could compromise the security of affected deployments.

PHP EUVD-2025-19468

| CVE-2025-6839 MEDIUM

Hidden Functionality (CWE-912)

2025-06-29 [email protected]

PHP Information Disclosure

6.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 01:15 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 01:15 euvd

EUVD-2025-19468

CVE Published

Jun 29, 2025 - 02:15 nvd

MEDIUM 6.3

DescriptionNVD

A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

Technical ContextAI

This vulnerability is classified as Hidden Functionality (CWE-912).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

EUVD-2025-19468 vulnerability details – vuln.today

Back