CVE-2025-13198
📋 TL;DR
This vulnerability allows attackers to upload arbitrary files to DouPHP systems without proper restrictions. It affects all DouPHP installations up to version 1.8 Release 20251022. Remote attackers can exploit this to upload malicious files and potentially execute code on the server.
💻 Affected Systems
- DouPHP
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.
Likely Case
Upload of web shells or malicious scripts enabling persistent access, data exfiltration, or website defacement.
If Mitigated
Limited impact if file execution is prevented through proper web server configuration and file permissions.
🎯 Exploit Status
Exploit details are publicly available on GitHub. Attack requires some level of access but is technically simple to execute.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Monitor DouPHP vendor channels for updates. Consider upgrading to any future patched version when released.
🔧 Temporary Workarounds
Restrict File Upload Types
Implement server-side validation that only allows specific safe file extensions (e.g., .jpg, .png, .pdf) and blocks executable extensions.
Modify /include/file.class.php to add strict file type validation
Web Server File Execution Prevention
Configure the web server to prevent execution of uploaded files in upload directories.
For Apache: Add 'php_flag engine off' to .htaccess in upload directory
For Nginx: Add 'location ~* \.(php|phtml)$ { deny all; }' to upload directory config
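The following is an added example of the strict server-side validation described in the workaround above; it is not DouPHP's code and not a drop-in replacement for /include/file.class.php, but generic Python showing the checks a patched upload handler needs. It goes beyond the advisory's wording by also covering the usual bypasses of an extension allowlist: double extensions (shell.php.jpg), embedded null bytes, mixed case, client-supplied path components, and content whose magic bytes do not match the declared extension. The allowlist, the blocklist and the magic-byte table are assumptions chosen for the example.

```python
"""
Strict server-side upload validation (added example, not DouPHP code).

Demonstrates an extension allowlist combined with a magic-byte check and a
server-chosen storage name. The allowlist/blocklist contents are assumptions
for this example; adjust them to what the application actually needs.
"""
import os
import secrets

# Allowlist: only these extensions are accepted, and the file content must
# begin with one of the listed magic-byte prefixes for that extension.
ALLOWED = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "pdf": (b"%PDF-",),
}

# Extensions that must never appear in *any* dotted component of the name,
# so that "image.php.jpg" or "a.phtml.png" are rejected outright.
BLOCKED = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "exe", "htaccess"}


def validate_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason).

    Accepts only allowlisted extensions whose magic bytes agree with the
    extension; rejects everything else, including names that smuggle an
    executable extension in an inner component or after a null byte.
    """
    # Drop any path components the client supplied (both slash styles).
    base = os.path.basename(filename.replace("\\", "/"))
    if not base or "\x00" in base:
        return False, "empty name or embedded null byte"
    parts = base.lower().split(".")
    if len(parts) < 2:
        return False, "no extension"
    # Every component after the stem is checked, not just the last one.
    if any(p in BLOCKED for p in parts[1:]):
        return False, "executable extension present in name"
    ext = parts[-1]
    if ext not in ALLOWED:
        return False, f"extension .{ext} not in allowlist"
    if not any(content.startswith(magic) for magic in ALLOWED[ext]):
        return False, f"content does not look like .{ext}"
    return True, "ok"


def safe_storage_name(filename: str) -> str:
    """Server-chosen name: a random token plus the validated extension, so the
    client never controls the name (or, via path components, the directory)
    under which the file is stored."""
    ext = filename.rsplit(".", 1)[-1].lower()
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate image, three rejected names.
    for name, data in [
        ("photo.jpg", b"\xff\xd8\xff\xe0JFIF"),
        ("shell.php", b"<?php echo 1; ?>"),
        ("shell.php.jpg", b"\xff\xd8\xff\xe0"),
        ("fake.png", b"<?php echo 1; ?>"),
    ]:
        print(name, validate_upload(name, data))
```

The validation is only one layer: the web-server rules above (php_flag engine off for mod_php, the nginx deny rule) still matter, because they stop execution even if a check in the handler is later bypassed. Note that php_flag directives take effect only when PHP runs as an Apache module; installations using PHP-FPM need the equivalent restriction in the FPM or server configuration instead.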
🧯 If You Can't Patch
- Disable file upload functionality completely if not required
- Implement Web Application Firewall (WAF) rules to block malicious file upload attempts
🔍 How to Verify
Check if Vulnerable:
Check the DouPHP version. If it is 1.8 Release 20251022 or earlier, the system is vulnerable.
Check Version:
Check DouPHP configuration files or admin panel for version information
Verify Fix Applied:
Test the file upload functionality with malicious file types. If the upload is rejected by the validation, the fix is working.
📡 Detection & Monitoring
Log Indicators:
- Unusual upload requests to /include/file.class.php (the upload handler)
- Uploads of files with executable extensions (.php, .phtml, .exe)
- Multiple failed upload attempts
Network Indicators:
- POST requests to file upload endpoints with unusual file types
- Traffic patterns indicating file upload exploitation
SIEM Query:
source="web_server_logs" AND (uri="/include/file.class.php" OR file_upload="true") AND (file_extension="php" OR file_extension="phtml" OR file_extension="exe")
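As an added example (not part of the advisory), the following script turns the log and network indicators above into concrete detection logic over web-server access logs. It flags POSTs to the upload handler whose uploaded filename carries an executable extension, GETs of a script from the upload directory (a sign that a web shell is already in place), and bursts of failed upload attempts from one client. The log lines are constructed samples in Apache combined format; the second endpoint /upload.php, the upload directory /uploads/, the query parameter name, and the failure threshold of 3 are assumptions for the example, and only /include/file.class.php comes from the advisory.

```python
"""
Access-log detection for the indicators in the advisory (added example).

Log lines are constructed samples in Apache combined format. /upload.php,
/uploads/, the "name" query parameter and FAILED_THRESHOLD are assumptions
made for the example; /include/file.class.php is the handler the advisory names.
"""
import re
from collections import Counter
from urllib.parse import parse_qs, unquote, urlparse

# Apache combined log format; the request field carries method, target, protocol.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r"(?P<status>\d{3}) (?P<size>\S+)"
)
UPLOAD_PATHS = {"/include/file.class.php", "/upload.php"}  # second path is assumed
UPLOAD_DIR = "/uploads/"  # assumed location of stored uploads
# Matches an executable extension as the last component or as an inner one (a.php.jpg).
EXEC_EXT_RE = re.compile(r"\.(php\d?|phtml|phar|exe)(\.|$)", re.IGNORECASE)
FAILED_THRESHOLD = 3

SAMPLE_LOG = """\
203.0.113.7 - - [02/Dec/2025:10:01:02 +0000] "POST /include/file.class.php?name=avatar.jpg HTTP/1.1" 200 512
203.0.113.7 - - [02/Dec/2025:10:01:05 +0000] "POST /include/file.class.php?name=shell.php HTTP/1.1" 200 611
203.0.113.7 - - [02/Dec/2025:10:01:07 +0000] "GET /uploads/shell.php HTTP/1.1" 200 1024
198.51.100.9 - - [02/Dec/2025:10:02:10 +0000] "POST /upload.php?name=cv.pdf HTTP/1.1" 200 2048
198.51.100.9 - - [02/Dec/2025:10:02:11 +0000] "POST /upload.php?name=cv.php.jpg HTTP/1.1" 403 120
198.51.100.9 - - [02/Dec/2025:10:02:12 +0000] "POST /upload.php?name=cv.phtml HTTP/1.1" 403 120
198.51.100.9 - - [02/Dec/2025:10:02:13 +0000] "POST /upload.php?name=cv.exe HTTP/1.1" 403 120
192.0.2.4 - - [02/Dec/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 5120
"""


def analyze(log_text: str) -> dict:
    """Return alerts keyed by indicator type.

    exec_upload: (ip, target) for upload POSTs naming an executable extension
    exec_fetch:  (ip, target) for GETs of a script under the upload directory
    failed_burst: (ip, count) for clients with >= FAILED_THRESHOLD failed uploads
    """
    alerts = {"exec_upload": [], "exec_fetch": [], "failed_burst": []}
    failed = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; skipped rather than crashing the run
        ip, method, target, status = m["ip"], m["method"], m["target"], int(m["status"])
        parsed = urlparse(target)
        path = unquote(parsed.path)
        # Uploaded filename as carried in the query string (assumed parameter "name").
        names = [unquote(n) for n in parse_qs(parsed.query).get("name", [])]
        if method == "POST" and path in UPLOAD_PATHS:
            if any(EXEC_EXT_RE.search(n) for n in names):
                alerts["exec_upload"].append((ip, target))
            if status >= 400:
                failed[ip] += 1
        elif method == "GET" and path.startswith(UPLOAD_DIR) and EXEC_EXT_RE.search(path):
            alerts["exec_fetch"].append((ip, target))
    for ip, count in failed.items():
        if count >= FAILED_THRESHOLD:
            alerts["failed_burst"].append((ip, count))
    return alerts


if __name__ == "__main__":
    for kind, hits in analyze(SAMPLE_LOG).items():
        print(kind, hits)
```

In a real deployment the filename would more often arrive in a multipart body than in the query string, so the same extension check should be applied to the application's own upload log or to a WAF that inspects the multipart Content-Disposition filename; the access-log pass above is the cheapest first signal and is what the SIEM query sketches.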