CNNVD-202508-3018 Information

CNNVD ID

CNNVD-202508-3018

Related CVE

CVE-2025-9399

• CNNVD Published: 2025-08-25

Description (Chinese)

Yifang CMS是中国亿坊（Yifang）公司的一个PHP企业网站开发建设管理系统。 Yifang CMS 2.0.5及之前版本存在安全漏洞，该漏洞源于文件app/logic/L_tool.php中new_url参数存在SQL注入。

Description (English)

Yifang CMS is a PHP Enterprise website development and management system for Yifang Corporation in China. There is a security loophole in Yifang CMS 2.0.5 and earlier versions, which is derived from the SQL injection of the New url parameter in documentapp/logic/L tool.php.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

亿坊

Published

2025-08-25

Last Modified

2026-02-24

References

https://vuldb.com/?submit.632534 https://vuldb.com/?id.321235 https://vuldb.com/?ctiid.321235 https://github.com/August829/Yu/blob/main/20250811_4.md#poc https://nvd.nist.gov/vuln/detail/CVE-2025-9399