Reconnecting to live updates…

CVE-2025-15244: Race Condition in PHPEMS

Medium

VulnerabilityCVE-2025-15244cve cve-2025-15244

Published: Tue Dec 30 2025 (12/30/2025, 10:32:05 UTC)

Source: CVE Database V5

Product: PHPEMS

Description

A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.

Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2025-12-29T08:20:03.791Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 6953ad6a71a94549f1bba38e

Added to database: 12/30/2025, 10:46:02 AM

Last updated: 12/30/2025, 12:09:19 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.