Path Traversal Vulnerability in YesWiki PHP Wiki System
CVE-2025-31131
Key Information:
- Vendor: Yeswiki
- CVE Published: 1 April 2025
What is CVE-2025-31131?
CVE-2025-31131 is a path traversal vulnerability in YesWiki, a PHP wiki system designed for collaborative editing and knowledge sharing within organizations. The flaw exposes sensitive server files to unauthorized access: an attacker can read arbitrary files from the server, potentially obtaining critical data or system configuration that can be leveraged in further attacks, which severely impacts an organization's confidentiality and integrity.
Technical Details
The vulnerability arises from improper validation of the "squelette" (template) parameter, which lets an attacker navigate outside the intended directories within the file system. This missing input sanitization enables path traversal. The issue is present in versions prior to 4.5.2; version 4.5.2 contains the fix.
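As an added example (not YesWiki's code), the following Python block shows the kind of containment check that closes this class of bug, and detection logic that flags traversal attempts in the squelette parameter of access-log lines. The template directory, the URL layout and the log lines are assumptions constructed for illustration.

```python
"""Containment check and log detection for a template-name parameter.

Added example (not YesWiki's code): the template directory, the URL layout
and the log lines are constructed for illustration.
"""
import os
import re
from urllib.parse import parse_qs, unquote, urlparse

TEMPLATE_DIR = "/var/www/wiki/templates"  # assumed location, not YesWiki's real path

def resolve_template(base_dir, requested):
    """Return the absolute path of `requested` only if it stays inside base_dir.

    realpath() collapses '..' and symlinks, so the decision is made on the
    final location rather than on whether the string contains '..'.
    Returns None for a name that escapes the template directory.
    """
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    if candidate == base or candidate.startswith(base + os.sep):
        return candidate
    return None

# '../' or '..\' anywhere, or a value that starts as an absolute path
TRAVERSAL = re.compile(r"\.\.[/\\]|^[/\\]|^[A-Za-z]:")

def flag_traversal(log_lines):
    """Return (line number, decoded value) for requests whose squelette
    parameter decodes to a traversal sequence or an absolute path."""
    hits = []
    for num, line in enumerate(log_lines, 1):
        match = re.search(r'"(?:GET|POST) (\S+)', line)
        if not match:
            continue
        params = parse_qs(urlparse(match.group(1)).query)
        for value in params.get("squelette", []):
            decoded = unquote(value)  # parse_qs decoded once; this catches double encoding
            if TRAVERSAL.search(decoded):
                hits.append((num, decoded))
    return hits

# Constructed access-log lines, not captured from a real server
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Apr/2025:10:00:01 +0000] "GET /index.php?wiki=HomePage&squelette=default HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Apr/2025:10:00:02 +0000] "GET /index.php?wiki=HomePage&squelette=..%2F..%2F..%2Fetc%2Fhostname HTTP/1.1" 200 40',
    '203.0.113.5 - - [01/Apr/2025:10:00:03 +0000] "GET /index.php?wiki=HomePage&squelette=%252e%252e%252fsecret.txt HTTP/1.1" 200 40',
]
```

The second log line is rejected by `resolve_template` and flagged by `flag_traversal`; the third shows why the detector decodes a second time, since a single decode leaves the traversal hidden.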
Potential impact of CVE-2025-31131
- Data Exposure: An attacker exploiting this vulnerability can gain unauthorized read access to sensitive files, including configuration settings and user data, leading to privacy violations and possible data leaks.
- Increased Attack Surface: The ability to read arbitrary files lets an attacker gather intelligence on the system's architecture and application logic, facilitating more sophisticated follow-on attacks or the exploitation of other vulnerabilities.
- Operational Disruption: Unauthorized access to critical system files can result in operational issues, ranging from denial-of-service scenarios to serious breaches that disrupt business continuity and compromise system integrity.
Affected Version(s)
yeswiki < 4.5.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
CVE-2025-31131 : YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on t
EPSS Score
26% chance of being exploited in the next 30 days.
Timeline
- 📰 First article discovered by CVE Details
- 🟡 Public PoC available
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability reserved