CNNVD-202507-2239 Information

CNNVD ID

CNNVD-202507-2239

Related CVE

CVE-2025-53925

• CNNVD Published: 2025-07-16

Description (Chinese)

emlog是emlog开源的一套基于PHP和MySQL的CMS建站系统。 emlog pro-2.5.17及之前版本存在安全漏洞，该漏洞源于文件上传功能清理不足，可能导致认证用户上传恶意svg文件执行代码。

Description (English)

Emlog is a CMS station system based on PHP and MySQL. There is a security loophole in the emlog pro-2.5.17 and earlier versions, which stems from inadequate document uploading, which may lead to the uploading of malicious svg file execution codes by the authentication user.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Emlog

Published

2025-07-16

Last Modified

2026-02-24

References

https://github.com/emlog/emlog/security/advisories/GHSA-x4wj-rhvg-hqr9