CNNVD-202507-638 Information

CNNVD ID

CNNVD-202507-638

Related CVE

CVE-2025-7100

• CNNVD Published: 2025-07-07

Description (Chinese)

BoyunCMS是中国博云（Boyun）公司的一款企业内容管理系统。 BoyunCMS 1.4.20及之前版本存在安全漏洞，该漏洞源于文件/application/user/controller/Index.php中参数image处理不当，可能导致任意文件上传。

Description (English)

BoyunCMS is an enterprise content management system for Boyun, China. BoyunCMS 1.4.20 and previous versions contain a security loophole, which stems from the inappropriate handling of the parameter image in the document/application/user/controller/Index.php, which may lead to any uploading of the document.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

博云

Published

2025-07-07

Last Modified

2026-02-24

References

https://vuldb.com/?id.315014 https://vuldb.com/?ctiid.315014 https://note-hxlab.wetolink.com/share/KLjaD7oBzCSp https://vuldb.com/?submit.604455 https://access.redhat.com/security/cve/cve-2025-7100

Patch

https://www.boyunweb.cn/pc/index57/index/classid/26/id/42.html