CNNVD-202512-2646 Information

CNNVD ID

CNNVD-202512-2646

Related CVE

CVE-2023-53871

• CNNVD Published: 2025-12-15

Description (Chinese)

soosyze是Soosyze开源的一个内容管理系统。 soosyze 2.0.0版本存在代码问题漏洞，该漏洞源于文件上传机制存在漏洞，可能导致上传任意HTML文件并执行恶意PHP脚本。

Description (English)

Soosyze is an open-source content management system for Soosyze. Soosyze version 2.0.0 has a code gap, which stems from a gap in the document upload mechanism, which could lead to the uploading of any HTML document and the implementation of malicious PHP scripts.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Soosyze

Published

2025-12-15

Last Modified

2026-02-24

References

https://soosyze.com/ https://github.com/soosyze/soosyze https://www.vulncheck.com/advisories/soosyze-unrestricted-file-upload-via-broken-upload-logic https://www.exploit-db.com/exploits/51718 https://access.redhat.com/security/cve/cve-2023-53871