Platform
php
Component
08cms-novel-system
Opgelost in
3.0.1
3.1.1
3.2.1
3.3.1
3.4.1
A code injection vulnerability has been identified in 08CMS Novel System versions 3.0 to 3.4. This flaw resides within the component's Template Handler, specifically the file admina/mtpls.inc.php, allowing attackers to inject and potentially execute malicious code. The vulnerability is remotely exploitable and has been publicly disclosed, increasing the risk of immediate exploitation. A patch is available in version 3.4.1.
Successful exploitation of CVE-2025-15250 allows an attacker to inject and execute arbitrary code on the affected server. This could lead to complete system compromise, including data exfiltration, modification, or deletion. The attacker could potentially gain control of the entire 08CMS Novel System installation, impacting any sensitive data stored within the system, such as user credentials, novel content, or administrative settings. Given the remote accessibility of the vulnerability, the blast radius extends to anyone with network access to the server.
This vulnerability has been publicly disclosed, increasing the likelihood of exploitation. While no specific active campaigns have been reported, the availability of public information makes it a prime target for opportunistic attackers. The vulnerability is not currently listed on CISA KEV, but its public disclosure warrants close monitoring. The ease of exploitation suggests a medium probability of exploitation.
Organizations utilizing 08CMS Novel System for content management, particularly those hosting the system on shared hosting environments or with limited security controls, are at increased risk. Legacy installations with outdated configurations and weak access controls are also particularly vulnerable.
• php: Examine web server access logs for requests targeting admina/mtpls.inc.php with unusual parameters or file extensions.
grep -i 'admina/mtpls.inc.php' /var/log/apache2/access.log• php: Search for recently modified files within the 08CMS Novel System installation directory, particularly admina/mtpls.inc.php, for suspicious code.
find /path/to/08cms/ -type f -mtime -1• generic web: Use curl to test for the existence of the admina/mtpls.inc.php endpoint and observe the response for any unexpected behavior or error messages.
curl -I http://your-08cms-server.com/admina/mtpls.inc.phpdisclosure
Exploit Status
EPSS
0.06% (17% percentiel)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2025-15250 is to immediately upgrade 08CMS Novel System to version 3.4.1 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests targeting the vulnerable admina/mtpls.inc.php file. Additionally, restrict access to the admin panel using strong authentication and network segmentation to limit potential damage. Monitor system logs for suspicious activity related to file uploads or code execution.
Werk bij naar een gepatchte versie van 08CMS Novel System die de code injectie kwetsbaarheid oplost. Indien er geen gepatchte versie beschikbaar is, overweeg dan om de Template Handler component (admina/mtpls.inc.php) uit te schakelen of te verwijderen totdat een oplossing kan worden toegepast. Raadpleeg de verstrekte referenties voor meer details en mogelijke mitigaties.
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2025-15250 is a code injection vulnerability affecting 08CMS Novel System versions 3.0 through 3.4, allowing attackers to execute arbitrary code via the admina/mtpls.inc.php file.
If you are running 08CMS Novel System versions 3.0, 3.1, 3.2, 3.3, or 3.4, you are potentially affected by this vulnerability. Upgrade immediately.
Upgrade 08CMS Novel System to version 3.4.1 or later to patch this vulnerability. As a temporary workaround, implement a WAF rule to block requests to admina/mtpls.inc.php.
While no confirmed active campaigns are currently reported, the public disclosure of this vulnerability increases the risk of exploitation.
Refer to the 08CMS Novel System official website or security advisory channels for the latest information and updates regarding CVE-2025-15250.
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.