Exploit for CVE-2025-49113

Name: Exploit for CVE-2025-49113
Rating: 5 (263 reviews)

2025-08-29 | CVSS 9.9

## https://sploitus.com/exploit?id=B0D24486-E6E0-54D9-8A68-9FAE3D0C0F9E
Python Script for CVE-2025-49113 

Usage: python exploit.py     

https://ubuntu.com/security/CVE-2025-49113

Description: 
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.