← Back to CVEs
CVE-2025-54473
N/ADescription
An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.
CVE Details
CVSS v3.1 ScoreN/A
Published8/15/2025
Last Modified8/15/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-434
References
https://phoca.cz/(security@joomla.org)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.