CNNVD-202509-1441 Information

CNNVD ID

CNNVD-202509-1441

Related CVE

CVE-2025-10122

• CNNVD Published: 2025-09-09

Description (Chinese)

maccms10是magicblack开源的一套采用 PHP+MYSQL 环境下运行的完善而强大的快速建站系统。 maccms10 2025.1000.4050版本存在SQL注入漏洞，该漏洞源于对文件application/admin/controller/Database.php中函数rep的参数where的错误操作导致SQL注入。

Description (English)

The maccms10 is a robust and fast-construction system that operates in a PHP+MYSQL setting as a magicblack open source. The version of maccms 10 2025.1000.4050 contains an injection loophole in SQL, which results from an error in the location of the rep function in document application/admin/controller/Database.php, resulting in the SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

magicblack

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/August829/Yu/blob/main/58ead8e7e08bfb016.md https://vuldb.com/?ctiid.323092 https://vuldb.com/?id.323092 https://vuldb.com/?submit.645702