CNNVD-202507-3843 Information
Jul 31, 2025
cve
CNNVD ID
CNNVD-202507-3843
Related CVE
- CNNVD Published: 2025-07-31
Description (Chinese)
Viglet Shio CMS是Viglet开源的一个内容管理系统。 Viglet Shio CMS 0.3.8及之前版本存在安全漏洞,该漏洞源于文件shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java中参数fileName的错误操作导致路径遍历。
Description (English)
Viglet Shio CMS is an open-source content management system for Viglet. There is a security loophole in Viglet Shio CMS 0.3.8 and earlier versions, which stems from the error of the parameter file name in document shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java leading to the path.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Viglet
Published
2025-07-31
Last Modified
2026-02-24
References
https://vuldb.com/?id.318293 https://github.com/openviglet/shio/issues/1028#issue-3239418750 https://vuldb.com/?ctiid.318293 https://vuldb.com/?submit.617679 https://access.redhat.com/security/cve/cve-2025-8343
Share on: