CNNVD-202508-3015 Information

CNNVD ID

CNNVD-202508-3015

Related CVE

CVE-2025-9402

• CNNVD Published: 2025-08-25

Description (Chinese)

UTCMS是usualtool个人开发者的一个基于 UT 框架构建的内容管理系统。 UTCMS 9版本存在代码问题漏洞，该漏洞源于文件app/modules/ut-frame/admin/update.php中UPDATEURL参数存在服务端请求伪造。

Description (English)

UTCMS is a UT-based content management system built by the UT framework of our own personal developers. UTCMS version 9 has a code problem loophole, which stems from the existence of a service-end request for forgery of UPDATEURL parameters in documentapp/modules/ut-frame/admin/update.php.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-08-25

Last Modified

2026-02-24

References

https://vuldb.com/?submit.632537 https://vuldb.com/?id.321238 https://vuldb.com/?ctiid.321238 https://github.com/August829/Yu/blob/main/20250811_1.md#poc https://nvd.nist.gov/vuln/detail/CVE-2025-9402