CNNVD-202512-396 Information

CNNVD ID

CNNVD-202512-396

Related CVE

CVE-2025-13949

• CNNVD Published: 2025-12-03

Description (Chinese)

ProudMuBai GoFilm是ProudMuBai个人开发者的一个多播放源自动采集在线影视网站。 ProudMuBai GoFilm 1.0.0版本和1.0.1版本存在代码问题漏洞，该漏洞源于/server/controller/FileController.go文件中SingleUpload函数对File参数验证不足，可能导致任意文件上传。

Description (English)

Proud Mubai Gofilm is a multiple-player of Proud Mubai personal developers who collect online video. There is a code problem loophole in the ProudMubai GoFilm Versions 1.0.0 and 1.0.1, which stems from the inadequate validation of File parameters in the SingleUpload function in the /server/controller/FileController.go file, which may lead to any upload.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-12-03

Last Modified

2026-02-24

References

https://vuldb.com/?submit.692774 https://github.com/yzlala1147/cve/issues/1 https://vuldb.com/?id.334164 https://vuldb.com/?ctiid.334164 https://access.redhat.com/security/cve/cve-2025-13949