CNNVD-202512-954 Information

CNNVD ID

CNNVD-202512-954

Related CVE

CVE-2025-61318

• CNNVD Published: 2025-12-08

Description (Chinese)

Emlog Pro是Emlog开源的一个博客系统。 Emlog Pro 2.5.20版本存在安全漏洞，该漏洞源于admin/template.php和admin/plugin.php组件缺少路径验证，可能导致任意文件删除。

Description (English)

Emlog Pro is a blog system open to Emlog. Version Emlog Pro 2.5.20 contains a security loophole, which originates from the lack of routing of admin/template.php and admin/plugin.php components, which may lead to the deletion of any file.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Emlog

Published

2025-12-08

Last Modified

2026-02-24

References

https://github.com/AndyNull/em/blob/main/emlog%20pro%20-%20del%20vuln.md https://access.redhat.com/security/cve/cve-2025-61318

Patch

https://github.com/emlog/emlog/releases