CNNVD-202508-772 Information

CNNVD ID

CNNVD-202508-772

Related CVE

CVE-2012-10042

• CNNVD Published: 2025-08-08

Description (Chinese)

Sourceforge sflog!是Sourceforge开源的一个内容管理系统。 Sourceforge sflog! 1.0版本存在安全漏洞，该漏洞源于blog管理界面未验证文件类型，可能导致任意文件上传和远程代码执行。

Description (English)

Sourceforge sflog! is an open-source content management system. Sourceforge sflog! Version 1.0 contains a security loophole that originates from the blog management interface and does not verify the type of file, which may lead to any upload and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Sourceforge

Published

2025-08-08

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://sourceforge.net/projects/sflog/ https://www.exploit-db.com/exploits/19626 https://www.vulncheck.com/advisories/sflog-cms-arbitrary-file-upload-rce https://access.redhat.com/security/cve/cve-2012-10042