CVE-2019-25647 in PhreeBooksinfo

Summary

by MITRE • 03/24/2026

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulnCheck

Reservation

01/18/2026

Disclosure

03/24/2026

Moderation

accepted

Entry

VDB-342648

CPE

ready

CWE

CWE-434 (confirmed)

Exploit

Download

CVSS

8.8 (CNA)

EPSS

0.00600

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-25647
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-25647
CVE Details	https://www.cvedetails.com/cve/CVE-2019-25647/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!