CVE-2025-15187 is a path traversal vulnerability identified in GreenCMS versions 2.0 through 2.3, located in the /DataController.class.php file within the File Handler component. The vulnerability arises from improper validation of the sqlFiles/zipFiles argument, which can be manipulated by an attacker to traverse directories and access files outside the intended directory scope. This flaw can be exploited remotely but requires the attacker to have high-level privileges (authenticated with elevated rights) on the system, reducing the attack surface. The vulnerability does not require user interaction and does not affect confidentiality or integrity to a high degree but can lead to limited information disclosure or unauthorized file access. GreenCMS is no longer maintained, and no official patches or fixes have been released, increasing the risk for organizations that continue to use these versions. The CVSS 4.0 base score is 5.1 (medium), reflecting the moderate impact and exploitation complexity. Although no active exploitation has been reported, public exploit code is available, which could facilitate attacks by skilled adversaries. The vulnerability affects only the GreenCMS product, which is a content management system with a limited user base compared to mainstream CMS platforms. The lack of vendor support means organizations must rely on custom mitigations or migration to secure their environments.

The primary impact of CVE-2025-15187 is unauthorized access to files on the server hosting GreenCMS, potentially exposing sensitive configuration files, source code, or other data stored outside the web root. This can lead to information disclosure, aiding further attacks such as privilege escalation or data exfiltration. Since exploitation requires high privileges, the vulnerability is less likely to be exploited by external unauthenticated attackers but poses a significant risk if an attacker gains elevated access through other means. The lack of vendor support and patches increases the risk for organizations that continue to use affected versions, as they cannot rely on official fixes. This vulnerability could disrupt the confidentiality and integrity of data managed by GreenCMS installations, impacting organizations that rely on this CMS for their web presence or internal content management. The overall availability impact is low, as the vulnerability does not directly enable denial of service. However, exploitation could be a stepping stone for more severe attacks. Organizations worldwide using GreenCMS, especially in sectors where legacy systems persist, may face increased risk of targeted attacks leveraging this vulnerability.

Since GreenCMS versions up to 2.3 are no longer supported and no official patches exist, organizations should prioritize migrating to a supported CMS platform or a maintained fork of GreenCMS if available. In the interim, administrators should restrict access to the vulnerable File Handler component by implementing strict access controls and limiting high-privilege user accounts to trusted personnel only. Web application firewalls (WAFs) can be configured to detect and block path traversal patterns in requests targeting the sqlFiles/zipFiles parameters. Conduct thorough audits of user privileges to ensure no unnecessary high-level access is granted. Additionally, isolating the GreenCMS environment within segmented network zones can reduce the risk of lateral movement if compromised. Monitoring logs for suspicious access patterns related to file handling requests can provide early detection of exploitation attempts. Employing file system permissions to restrict access to sensitive directories can mitigate the impact of successful traversal attempts. Finally, organizations should develop an incident response plan tailored to potential exploitation scenarios involving this vulnerability.