CNNVD-202508-595 Information

CNNVD ID

CNNVD-202508-595

Related CVE

CVE-2025-50234

• CNNVD Published: 2025-08-06

Description (Chinese)

mccms（漫城CMS）是中国烟雨江南（chshcms）个人开发者的一个快速建站系统。 mccms v2.7.0版本存在安全漏洞，该漏洞源于sysappscontrollersapiGf.php文件中pic参数处理不当，可能导致SSRF攻击。

Description (English)

mccms (CMS) is a fast-track station system for the personal developers of chshcms in China. The security gap in version mccms v2.7.0 arises from the mishandling of the pic parameters in the sysappscontrollersapiGf.php file, which could lead to an SSRF attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-06

Last Modified

2026-02-24

References

https://github.com/xiaoyangsec/mccms/blob/main/MCCMS-SSRF.md https://access.redhat.com/security/cve/cve-2025-50234 https://nvd.nist.gov/vuln/detail/CVE-2025-50234