CNNVD-202509-1045 Information

CNNVD ID

CNNVD-202509-1045

Related CVE

CVE-2025-58449

• CNNVD Published: 2025-09-08

Description (Chinese)

maho是MahoCommerce开源的一个电子商务平台。 Maho 25.9.0之前版本存在安全漏洞，该漏洞源于文件上传功能存在远程代码执行。

Description (English)

Maho is an open-source e-commerce platform for MahoCommerce. The previous version of Maho 25.9.0 had a security gap, which stemmed from the remote code execution of the document upload function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

MahoCommerce

Published

2025-09-08

Last Modified

2026-02-24

References

https://github.com/MahoCommerce/maho/commit/db54a1b44e9b3fd26b27ca4d5ece0af99c4dcb53 https://github.com/MahoCommerce/maho/security/advisories/GHSA-vgmm-27fc-vmgp https://access.redhat.com/security/cve/cve-2025-58449

Patch

https://github.com/MahoCommerce/maho/releases