CNNVD-202507-589 Information
CNNVD ID
CNNVD-202507-589
Related CVE
- CNNVD Published: 2025-07-06
Description (Chinese)
07FLY-CMS等都是中国零起飞(07FLY)公司的产品。07FLY-CMS是一个自由和开放源码的内容管理系统。07FLYCMS是一个自由和开放源码的内容管理系统。07Fly 07FLYCRM等都是中国零起飞(07Fly)公司的产品。07FLYCRM是一款客户关系管理系统。 07FLY多款产品存在安全漏洞,该漏洞源于容易受到跨站请求伪造攻击。以下产品及版本受到影响:07FLYCMS、07FLY-CMS和07FLYCRM 1.3.9及之前版本。
Description (English)
Both 07FLY-CMS and others are Chinese Zero Takeoff (07FLY). 07FLY-CMS is a free and open source content management system. 07FLYCMS is a free and open source content management system. 07Fly 07FLYCRM and others are products of China Zero Take-off (07Fly). 07FLYCRM is a customer relationship management system. There is a safety loophole in a number of 07FLY products, which stems from the vulnerability to cross-site requests for false attacks. The following products and versions were affected: 07FLYCMS, 07FLY-CMS and 07FLYCRM 1.3.9 et seq.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
零起飞
Published
2025-07-06
Last Modified
2026-02-24
References
https://vuldb.com/?id.314992 https://vuldb.com/?submit.603552 https://vuldb.com/?ctiid.314992 https://github.com/Excentique/yuxuan_mei/blob/main/07fly-crm_1.md https://access.redhat.com/security/cve/cve-2025-7078
Patch
https://www.07fly.xyz/html/down
Share on: