CNNVD-202508-2920 Information

CNNVD ID

CNNVD-202508-2920

Related CVE

CVE-2025-52130

• CNNVD Published: 2025-08-25

Description (Chinese)

WebErpMesv2是Kevin个人开发者的一个面向工业的资源管理和制造的Web系统。 WebErpMesv2 1.17版本存在安全漏洞，该漏洞源于FactoryController.php控制器文件上传功能存在缺陷，可能导致远程代码执行。

Description (English)

WebErpMesv2 is an industry-oriented Web-based resource management and manufacturing system for Kevin’s personal developers. Version 1.17 of WebErpMesv2 contains a security loophole, which stems from deficiencies in the uploading of FactoryController.php controller files, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-25

Last Modified

2026-02-24

References

https://medium.com/@The_Hiker/wrong-variable-name-leads-to-rce-cve-2025-52130-8ff59a7d245c https://github.com/SMEWebify/WebErpMesv2 https://nvd.nist.gov/vuln/detail/CVE-2025-52130