CVE-2025-63739
An issue was discovered in function phpinisaveAction in file webmain/system/cogini/coginiAction.php in Xinhu Rainrock Ro
An issue was discovered in function phpinisaveAction in file webmain/system/cogini/coginiAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to authenticated users to modify PHP configuration files via the a parameter to the index.php endpoint.
MEDIUM · CVSS 4.3
EPSS 0.00038
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0