CNNVD-202508-825 Information

CNNVD ID

CNNVD-202508-825

Related CVE

CVE-2025-8752

• CNNVD Published: 2025-08-09

Description (Chinese)

wangzhixuan spring-shiro-training是中国wangzhixuan公司的一款学习系统。 wangzhixuan spring-shiro-training存在注入漏洞，该漏洞源于文件/role/add存在命令注入问题。

Description (English)

Wangzhixuan spring-shiro-training is a learning system of the Chinese company Wangzhixuan. An injection loophole exists in the wangzhixuan spring-shiro-training, which stems from the problem of command injection in the document/rule/add.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

wangzhixuan

Published

2025-08-09

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.319246 https://gitee.com/wangzhixuan/spring-shiro-training/issues/ICP2ME https://vuldb.com/?id.319246 https://vuldb.com/?submit.623679 https://access.redhat.com/security/cve/cve-2025-8752