CNNVD-202509-1860 Information

CNNVD ID

CNNVD-202509-1860

Related CVE

CVE-2025-10397

• CNNVD Published: 2025-09-14

Description (Chinese)

maccms10是magicblack开源的一套采用 PHP+MYSQL 环境下运行的完善而强大的快速建站系统。 maccms10 2025.1000.4050版本存在代码问题漏洞，该漏洞源于对组件API Handler中参数cjurl的错误操作，可能导致服务端请求伪造。

Description (English)

The maccms10 is a robust and fast-construction system that operates in a PHP+MYSQL setting as a magicblack open source. The version of maccms 10 2025.1000.4050 has a code problem loophole, which stems from a mishandling of the parameter cjurl in component API Handler, which may lead to the forgery of service requests.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

MagnusSolution

Published

2025-09-14

Last Modified

2026-02-24

References

https://github.com/August829/Yu/blob/main/58ead8e7e08bfb018.md https://vuldb.com/?id.323832 https://vuldb.com/?submit.645805 https://vuldb.com/?ctiid.323832 https://access.redhat.com/security/cve/cve-2025-10397