CNNVD-202511-886 Information

CNNVD ID

CNNVD-202511-886

Related CVE

CVE-2025-63678

• CNNVD Published: 2025-11-10

Description (Chinese)

CMSmadesimple是CMS Made Simple基金会的一个开源的內容管理系統。 CMSmadesimple 2.2.22版本存在安全漏洞，该漏洞源于/uploads/端点存在经过身份验证的任意文件上传，可能导致执行任意代码。

Description (English)

CMSmadesimple is an open-source content management system of the CMS Made Simple Foundation. There is a security loophole in version 2.2.22 of the CMSmadesimple, which stems from the existence of an identity-verified, random document upload at /uploads/end points, which may lead to the implementation of an arbitrary code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CMS Made Simple

Published

2025-11-10

Last Modified

2026-02-24

References

https://github.com/kasiasok/raports/blob/main/CMSMS%202.2.22%20_%20Raport%20092025.pdf https://access.redhat.com/security/cve/cve-2025-63678