CNNVD-202512-2815 Information
Dec 16, 2025
cve
CNNVD ID
CNNVD-202512-2815
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
Podcast Generator是PodcastGenerator开源的一套使用PHP语言编写的免费播客发布脚本。 Podcast Generator 3.2.9版本存在安全漏洞,该漏洞源于盲服务器端请求伪造,可能导致攻击者在剧集上传表单中注入XML。
Description (English)
Podcast Generator is a free podcast in PHP language from PodcastGenerator. There is a security loophole in version 3.2.9 of Podcast Generator, which originates from a blind server request for forgery, which could lead to the assailant injecting XML into the upload form of the play.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
PodcastGenerator
Published
2025-12-16
Last Modified
2026-02-24
References
https://github.com/PodcastGenerator/PodcastGenerator https://podcastgenerator.net/ https://www.exploit-db.com/exploits/51565 https://www.vulncheck.com/advisories/podcastgenerator-blind-server-side-request-forgery-via-xml-injection
Share on: