CVE-2025-31131: 
PHP vulnerability analysis and mitigation

YesWiki, a PHP-based wiki system, was found to contain a path traversal vulnerability (CVE-2025-31131) in version 4.5.1 and earlier. The vulnerability was discovered in the squelette parameter, which allowed unauthorized read access to arbitrary files on the server. This security issue was fixed in version 4.5.2 (GitHub Advisory).

The vulnerability exists due to improper validation of the squelette parameter in file operations. An attacker could use path traversal sequences (using dot-dot-slash characters) to break out of the intended directory and access files elsewhere on the filesystem. The vulnerability has been assigned a CVSS v3.1 base score of 8.6 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N, indicating it can be exploited remotely without requiring privileges or user interaction (GitHub Advisory).

The vulnerability allows attackers to access sensitive files containing configuration data, passwords, database records, log data, source code, and program scripts and binaries. For example, attackers could access critical files like /etc/passwd and wakka.config.php, which contains database credentials, leading to a complete loss of confidentiality (GitHub Advisory).

The vulnerability has been fixed in YesWiki version 4.5.2. The patch implements proper input validation and path sanitization for the squelette parameter, preventing path traversal attempts (GitHub Commit).