CNNVD-202509-4397 Information

CNNVD ID

CNNVD-202509-4397

Related CVE

CVE-2025-57516

• CNNVD Published: 2025-09-29

Description (Chinese)

PublicCMS是中国PublicCMS公司的一套使用Java语言编写的开源内容管理系统（CMS）。 PublicCMS PublicCMS-V5.202506.a版本和PublicCMS-V5.202506.b版本存在安全漏洞，该漏洞源于对backupDB.bat文件中DATABASE、USERNAME或PASSWORD变量的错误操作，可能导致执行任意命令。

Description (English)

PublicCMS is an open-source content management system (CMS) developed in Java by PublicCMS, China. There is a security loophole in the PublicMS PublicCMS-V5.20206.a and PublicCMS-V5.22506.b, which stems from the incorrect operation of DATABASE, USERNAME or PASWORD variables in the BackupDB.bat file, which may result in the execution of arbitrary orders.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PublicCMS

Published

2025-09-29

Last Modified

2026-02-24

References

https://github.com/sanluan/PublicCMS/issues/97 https://access.redhat.com/security/cve/cve-2025-57516