CVE-2025-0520 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code e…
Critical CVSS: 9.4

CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.
Vendor
-
Product
-
CWE
CWE-434
Yayın Tarihi
2025-04-29 20:15:25
Güncelleme
2025-11-04 23:15:33
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 CRITICAL 2025

Referanslar

https://github.com/star7th/showdoc/pull/1059 https://github.com/vulhub/vulhub/tree/master/showdoc/CNVD-2020-26585 https://www.cnvd.org.cn/flaw/show/CNVD-2020-26585 https://www.vulncheck.com/advisories/showdoc-unauthenticated-file-upload-rce