Skip to main content

Feehicms EUVD-2025-200001

| CVE-2025-63523 MEDIUM
Out-of-bounds Read (CWE-125)
2025-12-01 cve@mitre.org GHSA-qgc9-p7cj-jvh6
Information Disclosure Buffer Overflow Feehicms
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 15, 2026 - 13:34 euvd
EUVD-2025-200001
Analysis Generated
Mar 15, 2026 - 13:34 vuln.today
PoC Detected
Dec 02, 2025 - 03:06 vuln.today
Public exploit code
CVE Published
Dec 01, 2025 - 15:15 nvd
MEDIUM 6.5

DescriptionCVE.org

FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes.

Analysis

FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes.

Technical ContextAI

An out-of-bounds memory access occurs when code reads from or writes to memory locations outside the intended buffer boundaries. This vulnerability is classified as Out-of-bounds Read (CWE-125).

RemediationAI

Implement proper bounds checking on all array and buffer accesses. Use memory-safe languages or static analysis tools to detect OOB issues.

Share

EUVD-2025-200001 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy