CNNVD-202510-3904 Information
Oct 28, 2025
cve
CNNVD ID
CNNVD-202510-3904
Related CVE
- CNNVD Published: 2025-10-28
Description (Chinese)
MaxSite CMS是俄国MaxSite CMS开源的一款网站内容管理系统。 MaxSite CMS 109及之前版本存在代码问题漏洞,该漏洞源于对文件application/maxsite/admin/plugins/editor_files/save-file-ajax.php中参数file_path或content的错误操作,可能导致任意文件上传。
Description (English)
MaxSite CMS is an open-source web content management system for MaxSite CMS in Russia. There is a code gap in MaxSite CMS 109 and earlier versions, which stems from an error in the parameters file application/maxsite/admin/plugins/editor files/save-file-ajax.php, which may result in any upload of the file.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
MaxSite CMS
Published
2025-10-28
Last Modified
2026-02-24
References
https://vuldb.com/?id.330137 https://note-hxlab.wetolink.com/share/lIWZkTHQPSVh https://vuldb.com/?submit.674552 https://vuldb.com/?ctiid.330137 https://access.redhat.com/security/cve/cve-2025-12347
Share on: