CNNVD-202507-637 Information

CNNVD ID

CNNVD-202507-637

Related CVE

CVE-2025-7103

• CNNVD Published: 2025-07-07

Description (Chinese)

BoyunCMS是中国博云（Boyun）公司的一款企业内容管理系统。 BoyunCMS 1.4.20及之前版本存在安全漏洞，该漏洞源于文件/application/pay/controller/Index.php中组件curl处理不当，可能导致服务端请求伪造。

Description (English)

BoyunCMS is an enterprise content management system for Boyun, China. BoyunCMS 1.4.20 and previous versions contain a security loophole that stems from the inappropriate handling of the curl component in the document/application/pay/controller/Index.php, which may result in the forgery of service-level requests.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

博云

Published

2025-07-07

Last Modified

2026-02-24

References

https://note-hxlab.wetolink.com/share/gRI0WyQLQsmd https://vuldb.com/?ctiid.315017 https://vuldb.com/?id.315017 https://vuldb.com/?submit.604403

Patch

https://www.boyunweb.cn/pc/index57/index/classid/26/id/42.html