CVE-2025-54473 Information

Description

An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.

Reference

https://phoca.cz/

Related CNNVD

CNNVD-202508-1848 (Published: 2025-08-15)