CNNVD-202508-771 Information

CNNVD ID

CNNVD-202508-771

Related CVE

CVE-2010-10013

• CNNVD Published: 2025-08-08

Description (Chinese)

Sourceforge AjaXplorer是Sourceforge开源的一个基于Web的文件管理器。 Sourceforge AjaXplorer 2.6之前版本存在安全漏洞，该漏洞源于access.ssh插件中checkInstall.php脚本未正确清理用户输入，可能导致远程命令执行。

Description (English)

Sonceforge AjaXplorer is a Web-based file manager from the Source of Sonceforge. There was a security loophole in the previous version of Sourceforge AjaXplorer 2.6, which resulted from the fact that the checkInstall.php script in the access.ssh plugin did not properly clean up user input, which could lead to remote command execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Sourceforge

Published

2025-08-08

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://sourceforge.net/projects/ajaxplorer/ https://www.exploit-db.com/exploits/21993 https://www.tenable.com/plugins/nessus/45489 https://www.vulncheck.com/advisories/ajaxplorer-unauth-rce https://access.redhat.com/security/cve/cve-2010-10013

Patch

https://sourceforge.net/projects/ajaxplorer/