CNNVD-202601-1921 Information

CNNVD ID

CNNVD-202601-1921

Related CVE

CVE-2022-50916

• CNNVD Published: 2026-01-13

Description (Chinese)

e107是E107团队的一套开源、免费且基于PHP和MySQL的内容管理系统（CMS）。该系统支持多种插件和外观主题，可作为个人博客、讨论社区、档案资料库等。 e107 3.2.1版本存在代码问题漏洞，该漏洞源于Media Manager导入功能存在文件上传漏洞，可能导致管理员覆盖服务器文件。

Description (English)

e107 is an open-source, free and PHP-based content management system (CMS) for the E107 team. The system supports various plugins and visual themes that can be used as personal blogs, community discussions, archives, etc. e107 3.2.1 has a code problem loophole, which stems from a file upload gap in the Media Manager import function, which may result in administrators overwhelming server files.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

E107

Published

2026-01-13

Last Modified

2026-02-24

References

https://e107.org/download https://www.vulncheck.com/advisories/e-cms-upload-restriction-bypass-authenticated-admin-server-file-override https://www.exploit-db.com/exploits/50910 https://access.redhat.com/security/cve/cve-2022-50916