CNNVD-202512-1348 Information

CNNVD ID

CNNVD-202512-1348

Related CVE

CVE-2025-67504

• CNNVD Published: 2025-12-09

Description (Chinese)

WBCE CMS是WBCE CMS开源的一套基于PHP和MySQL的开源内容管理系统（CMS）。 WBCE CMS 1.6.4及之前版本存在安全特征问题漏洞，该漏洞源于密码生成函数不安全，可能导致密码预测或暴力破解。

Description (English)

WBCE CMS is a WBCE CMS Open Content Management System (CMS) based on PHP and MySQL. WBCE CMS 1.6.4 and previous versions have security feature loopholes, which stem from unsafe password generation functions, which may lead to code prediction or violent breakdown.

Hazard Level

Low

Vulnerability Type

安全特征问题

Affected Vendor

WBCE CMS

Published

2025-12-09

Last Modified

2026-02-24

References

https://cwe.mitre.org/data/definitions/338.html https://github.com/WBCE/WBCE_CMS/commit/5d59fe021a5c6e469b1bf192b72ca652e54278f6 https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5 https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6

Patch

https://wbce-cms.org/downloads/