CNNVD-202512-1822 Information

CNNVD ID

CNNVD-202512-1822

Related CVE

CVE-2025-65602

• CNNVD Published: 2025-12-10

Description (Chinese)

ChanCMS是中国yanyutao0402个人开发者的一个内容管理系统。 ChanCMS 3.3.4版本存在安全漏洞，该漏洞源于/vip/v1/file/save组件存在模板注入，可能导致执行任意代码。

Description (English)

ChanCMS is a content management system for the yanyutao0402 individual developers in China. There is a security gap in version 3.3.4 of ChanCMS, which stems from the presence of templates in the /vip/v1/file/save component, which may lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-10

Last Modified

2026-02-24

References

https://www.notion.so/ChanCMS-Unauthenticated-RCE-2a3ee9235ba380fc9973e16c06258689?source=copy_link https://gitee.com/chancms/ChanCMS https://access.redhat.com/security/cve/cve-2025-65602

Patch

https://gitee.com/chancms/ChanCMS/releases