CNNVD-202506-3666 Information

Jun 29, 2025 cve

CNNVD ID

CNNVD-202506-3666

CVE-2025-6839

CNNVD Published: 2025-06-29

Description (Chinese)

Conjure Position Department Service Quality Evaluation System是中国星空间（Conjure）公司的一个岗位部门服务质量评价系统。 Conjure Position Department Service Quality Evaluation System 1.0.11及之前版本存在安全漏洞，该漏洞源于对文件public/assets/less/bootstrap-less/mixins/head.php中参数payload的错误操作导致后门。

Description (English)

Conjure Partnership Service Quality Evaluation System is a system for evaluating the quality of service in the job sector of Conjure. There is a security loophole in the report Department Service Quality System 1.0.11 and previous versions, which stems from an error in the payloading of the parameter in document public/assets/less/bootstream-less/mixins/head.php.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

星空间

Published

2025-06-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.603176 https://vuldb.com/?ctiid.314282 https://vuldb.com/?id.314282 https://note-hxlab.wetolink.com/share/LZJIef0phS6B#proof-of-concept- https://access.redhat.com/security/cve/cve-2025-6839

Share on: