CVE-2025-52362 – PHProxy SSRF

July 22, 2025

CVE ID : CVE-2025-52362

Published : July 21, 2025, 8:15 p.m. | 1 day, 4 hours ago

Description : Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of PHProxy version 1.1.1 and prior. The input validation for the _proxurl parameter can be bypassed, allowing a remote, unauthenticated attacker to submit a specially crafted URL

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2012-10020 – FoxyPress WordPress Arbitrary File Upload Vulnerability

Next Article CVE-2025-44654 – Linksys E2500 vsftpd Unauthenticated Remote Command Execution Vulnerability

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

7 ways Linux can save you money

My favorite Kindle tablet just got a kids model, and it makes so much sense

You can turn your Google Photos into video clips now – here’s how

Blade Service Injection: Direct Service Access in Laravel Templates

Blade Service Injection: Direct Service Access in Laravel Templates

This Week in Laravel: NativePHP Mobile and AI Guidelines from Spatie

Retrieve the Currently Executing Closure in PHP 8.5

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2025-52362 – PHProxy SSRF

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Google verhelpt zes beveiligingslekken in Chrome

Microsoft Edge for Android may suggest SteamDB extension when visiting Steam

CVE-2025-5132 – Tmall Demo Cross-Site Request Forgery Vulnerability

CVE-2025-5113 – Diviotec Professional Series Web Interface Command Injection

AI comes to Reddit’s main search bar – who needs Google now?

Shadcn Studio

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Microsoft Copilot is “pretty important” but customers still prefer ChatGPT — “OpenAI has done a tremendous job”

CVE-2025-52362 – PHProxy SSRF

Related Posts