CNNVD-202512-3145 Information

CNNVD ID

CNNVD-202512-3145

Related CVE

CVE-2023-53922

• CNNVD Published: 2025-12-17

Description (Chinese)

TinyWebGallery是TinyWebGallery开源的一个PHP相册系统。 TinyWebGallery 2.5版本存在代码问题漏洞，该漏洞源于管理员上传功能不当，可能导致远程代码执行。

Description (English)

TinyWebGallery is an open-source PHP album system for TinyWebGalley. TinyWebGallery 2.5 has a code gap, which arises from the inappropriate uploading function of the administrator and may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

代码问题

Published

2025-12-17

Last Modified

2026-02-24

References

http://www.tinywebgallery.com/ https://www.vulncheck.com/advisories/tinywebgallery-remote-code-execution-via-unrestricted-file-upload https://www.exploit-db.com/exploits/51443 https://access.redhat.com/security/cve/cve-2023-53922

Patch

https://www.tinywebgallery.com/en/download.php