CNNVD-202512-2059 Information

CNNVD ID

CNNVD-202512-2059

Related CVE

CVE-2024-58295

• CNNVD Published: 2025-12-11

Description (Chinese)

Elkarte是ElkArte开源的一个论坛软件。 Elkarte 1.1.9版本存在代码问题漏洞，该漏洞源于主题安装过程中存在PHP文件上传，可能导致执行系统命令。

Description (English)

Elkarte is an open source forum software for ElkArte. Elkarte Version 1.1.9 has a code gap, which arises from the uploading of PHP files during the thematic installation, which may lead to the execution of system commands.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

ElkArte

Published

2025-12-11

Last Modified

2026-02-24

References

https://github.com/elkarte/Elkarte/releases/download/v1.1.9/ElkArte_v1-1-9_install.zip https://www.elkarte.net/ https://www.exploit-db.com/exploits/52026 https://www.vulncheck.com/advisories/elkarte-forum-authenticated-remote-code-execution-via-theme-upload