CNNVD-202507-3844 Information
CNNVD ID
CNNVD-202507-3844
Related CVE
- CNNVD Published: 2025-07-31
Description (Chinese)
Viglet Shio CMS是Viglet开源的一个内容管理系统。 Viglet Shio CMS 0.3.8及之前版本存在安全漏洞,该漏洞源于文件shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java中参数filename的错误操作导致无限制上传。
Description (English)
Viglet Shio CMS is an open-source content management system for Viglet. There is a security loophole in Viglet Shio CMS 0.3.8 and earlier versions, which stems from the unrestricted uploading of the parameter file file fiilename in document shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Viglet
Published
2025-07-31
Last Modified
2026-02-24
References
https://vuldb.com/?submit.617680 https://vuldb.com/?id.318294 https://github.com/openviglet/shio/issues/1029 https://vuldb.com/?ctiid.318294 https://github.com/openviglet/shio/issues/1029#issue-3239422554 https://access.redhat.com/security/cve/cve-2025-8344
Share on: