CNNVD-202508-382 Information

Aug 05, 2025 cve

CNNVD ID

CNNVD-202508-382

CVE-2013-10066

CNNVD Published: 2025-08-05

Description (Chinese)

Kordil EDMS是土耳其Kordil公司的一套开源的电子文档管理系统。该系统支持文档管理和文档控制等功能。 Kordil EDMS v2.2.60rc3版本存在安全漏洞，该漏洞源于未验证上传文件类型，可能导致任意文件上传和远程代码执行。

Description (English)

Kordil EDMS is an open-source electronic document management system for the Turkish company Kordil. The system supports functions such as document management and document control. There is a security loophole in the Kordil EDMS v2.2.60rc3 version, which stems from the unverified type of upload file and may lead to any upload and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kordil

Published

2025-08-05

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/kordil-edms-unauth-arbitrary-file-upload https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://www.exploit-db.com/exploits/24547 https://www.juniper.net/us/en/threatlabs/ips-signatures/detail.APP:MSF-KORDIL-EDMS-AFU.html https://sourceforge.net/projects/kordiledms/ https://access.redhat.com/security/cve/cve-2013-10066

Share on: