CNNVD-202601-1929 Information
CNNVD ID
CNNVD-202601-1929
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
e107是E107团队的一套开源、免费且基于PHP和MySQL的内容管理系统(CMS)。该系统支持多种插件和外观主题,可作为个人博客、讨论社区、档案资料库等。 e107 3.2.1版本存在代码问题漏洞,该漏洞源于文件上传限制绕过,可能导致管理员上传恶意PHP文件并执行远程代码。
Description (English)
e107 is an open-source, free and PHP-based content management system (CMS) for the E107 team. The system supports various plugins and visual themes that can be used as personal blogs, community discussions, archives, etc. e107 3.2.1 has a code problem gap, which stems from document upload restrictions bypassing, which may lead to malign PHP files being uploaded by administrators and remote code implementation.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
E107
Published
2026-01-13
Last Modified
2026-02-24
References
https://e107.org/download https://www.vulncheck.com/advisories/e-cms-admin-upload-restriction-bypass-rce https://www.exploit-db.com/exploits/50910 https://access.redhat.com/security/cve/cve-2022-50907
Share on: