CNNVD-202508-244 Information

CNNVD ID

CNNVD-202508-244

Related CVE

CVE-2025-8519

• CNNVD Published: 2025-08-04

Description (Chinese)

Vvveb是Givan个人开发者的一个强大且易于使用的CMS，用于构建网站、博客或电子商务商店。 Vvveb 1.0.5及之前版本存在访问控制错误漏洞，该漏洞源于对参数url的错误操作导致信息泄露。

Description (English)

Vvveb is a powerful and easy-to-use CMS for Givan personal developers to build a website, blog or e-commerce store. Vvveb 1.5 and previous versions had access control error holes, which resulted from an error in the url of the parameter that led to the disclosure of information.

Hazard Level

Critical

Vulnerability Type

访问控制错误

Affected Vendor

个人开发者

Published

2025-08-04

Last Modified

2026-02-24

References

https://vuldb.com/?id.318645 https://github.com/givanz/Vvveb/releases/tag/1.0.6 https://vuldb.com/?submit.624972 https://github.com/givanz/Vvveb/commit/f684f3e374d04db715730fc4796e102f5ebcacb2 https://hkohi.ca/vulnerability/10 https://vuldb.com/?ctiid.318645 https://nvd.nist.gov/vuln/detail/CVE-2025-8519 https://access.redhat.com/security/cve/cve-2025-8519

Patch

https://github.com/givanz/Vvveb/releases