Vulnerability Description
An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.
Related Weaknesses (CWE)
References
- https://github.com/star7th/showdoc/pull/1059
- https://github.com/vulhub/vulhub/tree/master/showdoc/CNVD-2020-26585
- https://www.cnvd.org.cn/flaw/show/CNVD-2020-26585
- https://www.vulncheck.com/advisories/showdoc-unauthenticated-file-upload-rce
FAQ
What is CVE-2025-0520?
CVE-2025-0520 is a documented vulnerability. An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: bef...
How severe is CVE-2025-0520?
CVSS scoring is not yet available for CVE-2025-0520. Check NVD for updates.
Is there a patch for CVE-2025-0520?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.