CVE-2025-50881 | Flow up to 9.x flow/admin/moniteur.php eval Action improper authentication

A vulnerability described as critical has been identified in Flow up to 9.x. Affected is the function eval of the file flow/admin/moniteur.php. Executing a manipulation of the argument Action can lead to improper authentication.

This vulnerability appears as CVE-2025-50881. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More