CNNVD-202510-816 Information
Oct 06, 2025
cve
CNNVD ID
CNNVD-202510-816
Related CVE
- CNNVD Published: 2025-10-06
Description (Chinese)
IdeaCMS是IdeaCMS开源的一个商场系统。 IdeaCMS 1.8及之前版本存在命令注入漏洞,该漏洞源于对文件app/common/logic/admin/Config.php中参数网站名称的错误操作,可能导致命令注入攻击。
Description (English)
IdeaCMS is a commercial system open to IdeaCMS. The IdeaCMS 1.8 and previous versions contain a command-injecting loophole, which arises from an error in the use of the parameter name of the website in the documentapp/common/logic/admin/Config.php, which may result in an order-injecting attack.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
IdeaCMS
Published
2025-10-06
Last Modified
2026-02-24
References
https://github.com/tiancesec/CVE/issues/4 https://vuldb.com/?ctiid.327214 https://vuldb.com/?id.327214 https://vuldb.com/?submit.664550
Share on: