Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Sourceforge — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Sourceforge. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Sourceforge serves as a primary platform for open-source software development, hosting code repositories and facilitating project collaboration. Historically, the platform has been susceptible to various vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 15 CVEs currently documented. Notable security characteristics include its long-standing presence in the open-source community, which has made it a target for attacks. Major incidents have included supply chain attacks where malicious code was injected into legitimate projects, compromising developer and user systems. Despite these challenges, the platform remains widely used, necessitating ongoing security vigilance from both the maintainers and its user base.

Top products by Sourceforge: Data Center Audit Easyndexer 202CMS SoX - Sound eXchange Meneame English Pligg GPS Tracking System Placeto CMS SimplePress CMS phpFileManager OpenBiz Cubi Lite Snes9K 0.0.9z Echo Mirage
CVE IDTitleCVSSSeverityPublished
CVE-2019-25705 Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field — Echo MirageCWE-787 8.4 High2026-04-12
CVE-2018-25251 Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket — Snes9K 0.0.9zCWE-787 8.4 High2026-04-04
CVE-2018-25209 OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter — OpenBiz Cubi LiteCWE-89 8.2 High2026-03-26
CVE-2019-25632 phpFileManager 1.7.8 Local File Inclusion via index.php — phpFileManagerCWE-306 6.2 Medium2026-03-24
CVE-2019-25575 SimplePress CMS 1.0.7 SQL Injection via p and s Parameters — SimplePress CMSCWE-89 8.2 High2026-03-21
CVE-2019-25539 202CMS v10 beta SQL Injection via register.php — 202CMSCWE-89 8.2 High2026-03-12
CVE-2019-25538 202CMS v10 beta SQL Injection via log_user Parameter — 202CMSCWE-89 8.2 High2026-03-12
CVE-2019-25529 Placeto CMS Alpha rv.4 SQL Injection via page Parameter — Placeto CMSCWE-89 7.1 High2026-03-12
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter — GPS Tracking SystemCWE-89 8.2 High2026-03-06
CVE-2018-25190 Easyndexer 1.0 Cross-Site Request Forgery via createuser.php — EasyndexerCWE-352 5.3 Medium2026-03-06
CVE-2018-25189 Data Center Audit 2.6.2 SQL Injection via username Parameter — Data Center AuditCWE-89 8.2 High2026-03-06
CVE-2018-25178 Easyndexer 1.0 Arbitrary File Download via showtif.php — EasyndexerCWE-22 7.5 High2026-03-06
CVE-2018-25177 Data Center Audit 2.6.2 Cross-Site Request Forgery via dca_resetpw.php — Data Center AuditCWE-352 5.3 Medium2026-03-06
CVE-2018-25166 Meneame English Pligg 5.8 SQL Injection via search Parameter — Meneame English PliggCWE-89 8.2 High2026-03-06
CVE-2019-1010004 SoX 缓冲区错误漏洞 — SoX - Sound eXchange 5.5 -2019-07-15

This page lists every published CVE security advisory associated with Sourceforge. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.