{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T07:07:12.400","vulnerabilities":[{"cve":{"id":"CVE-2025-34060","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-07-01T15:15:24.620","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"disclosure@vulncheck.com","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input in the /get/image/ endpoint. The application passes a user-supplied link parameter directly to file_get_contents() without validation. MIME type checks using PHP’s finfo can be bypassed via crafted stream filter chains that prepend spoofed headers, allowing access to internal Laravel configuration files. An attacker can extract the APP_KEY from config/app.php, forge encrypted cookies, and trigger unsafe unserialize() calls, leading to reliable remote code execution."},{"lang":"es","value":"Existe una vulnerabilidad de inyección de objeciones en PHP en el software de foro basado en Laravel del Proyecto Monero debido al manejo inseguro de entradas no confiables en el endpoint /get/image/. La aplicación pasa un parámetro de enlace proporcionado por el usuario directamente a file_get_contents() sin validación. Las comprobaciones de tipo MIME mediante finfo de PHP pueden eludirse mediante cadenas de filtros de flujo manipuladas que anteponen encabezados falsificados, lo que permite el acceso a los archivos de configuración internos de Laravel. Un atacante puede extraer la clave APP_KEY de config/app.php, falsificar cookies cifradas y activar llamadas unserialize() inseguras, lo que provoca la ejecución remota de código fiable."}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-502"},{"lang":"en","value":"CWE-829"}]}],"references":[{"url":"https://swap.gs/posts/monero-forums/","source":"disclosure@vulncheck.com"},{"url":"https://vulncheck.com/advisories/monero-forum-rce","source":"disclosure@vulncheck.com"}]}}]}