Russian Vulnerability Scanner Database

Back to List

CVE-2025-47916

Scores

EPSS

0.907high90.7%
0%20%40%60%80%100%

Percentile: 90.7%

CVSS

9.8critical3.x
0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x
9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-1336

Related Vulnerabilities

BDU:2026-00290

Exploits

Exploit ID: 52294

Source: exploitdb

URL: https://www.exploit-db.com/exploits/52294

Exploit ID: CVE-2025-47916

Source: github-poc

URL: https://github.com/Web3-Serializer/CVE-2025-47916

Vulnerable Software (1)

Type: Configuration

Vendor: *

Product: invisioncommunity

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:invisioncommunity:invisioncommunity:*:*:*:*:*:*:*:*",      "versionEndExcluding": "5.0.7",      "versionStartIncluding": "5.0.0",      "vulnera...

Source: nvd

End of list