CNNVD-202601-3964 Information
Jan 23, 2026
cve
CNNVD ID
CNNVD-202601-3964
Related CVE
- CNNVD Published: 2026-01-23
Description (Chinese)
PhreeBooks是PhreeBooks公司的一个企业资源规划和记账财务软件。 PhreeBooks 5.2.3版本存在安全漏洞,该漏洞源于Image Manager存在文件上传漏洞,可能导致远程代码执行。
Description (English)
PhreBooks is an ERP and accounting finance software for PhreBooks. FreeBooks version 5.2.3 contains a security loophole, which stems from the file upload gap in Image Manager, which may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
PhreeBooks
Published
2026-01-23
Last Modified
2026-02-24
References
https://gist.github.com/joswr1ght/22f40787de19d80d110b37fb79ac3985 https://www.exploit-db.com/exploits/46645 https://www.exploit-db.com/exploits/49524 https://www.phreesoft.com/ https://www.vulncheck.com/advisories/phreebooks-remote-code-execution https://access.redhat.com/security/cve/cve-2021-47904
Share on: