Vulnerability Database

296,857

Total vulnerabilities in the database

CVE-2025-54473

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

Published: Aug 15, 2025
Updated: Aug 16, 2025
CVE: CVE-2025-54473
Exploit:

No technical information available.

CWEs:

CWE-434

Affected Software
References

No affected software listed.

https://phoca.cz/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo