A critical vulnerabilities in ScriptCase, a popular low-code platform used for generating PHP web applications, that allow attackers to execute remote commands and gain complete server access without authentication.
The vulnerabilities, tracked as CVE-2025-47227 and CVE-2025-47228, can be chained together to achieve pre-authenticated remote...