CNNVD-202509-4421 Information
Sep 29, 2025
cve
CNNVD ID
CNNVD-202509-4421
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
wenkucms是mirweiye个人开发者的一个内容管理系统。 wenkucms 3.4及之前版本存在操作系统命令注入漏洞,该漏洞源于文件app/common/common.php中函数createPathOne的错误操作,可能导致远程命令注入攻击。
Description (English)
Wenkucms is a content management system for mirweiye personal developers. Wenkucms 3.4 and earlier versions have a bug in the operating system command, which stems from the error in the function fileapp/common/common.php, creating PathOne, which may result in a remote command injection attack.
Hazard Level
High
Vulnerability Type
操作系统命令注入
Affected Vendor
个人开发者
Published
2025-09-29
Last Modified
2026-02-24
References
https://github.com/electroN1chahaha/wenkucms-RCE/issues/1 https://vuldb.com/?ctiid.326215 https://vuldb.com/?id.326215 https://vuldb.com/?submit.657055
Share on: