CNNVD-202511-1906 Information

CNNVD ID

CNNVD-202511-1906

Related CVE

CVE-2025-63748

• CNNVD Published: 2025-11-17

Description (Chinese)

SourceForge QaTraq是SourceForge开源的一个测试管理工具。 SourceForge QaTraq 6.9.2版本存在安全漏洞，该漏洞源于文件类型限制不足，可能导致上传和执行任意PHP文件。

Description (English)

SourceForge Qatraq is a testing management tool for the Open Source of Service. There is a security loophole in version 6.9.2 of SourceForge Qatraq, which stems from inadequate document type restrictions, which may lead to the uploading and execution of any PHP document.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Sourceforge

Published

2025-11-17

Last Modified

2026-02-24

References

http://qatraq.com https://bitsbyamg.com/blog/post/2025/10/19/qatraq-692-default-creds-and-file-upload-rce https://access.redhat.com/security/cve/cve-2025-63748