CNNVD-202512-2754 Information

Dec 16, 2025 cve

CNNVD ID

CNNVD-202512-2754

CVE-2025-14731

CNNVD Published: 2025-12-16

Description (Chinese)

CTCMS（赤兔CMS）是中国赤兔CMS（CTCMS）公司的一个视频内容管理系统。 CTCMS 2.1.2及之前版本存在安全漏洞，该漏洞源于文件/ctcms/apps/libraries/CT_Parser.php中未知函数对模板引擎特殊元素中和不当，可能导致远程攻击。

Description (English)

TCMS (CMS) is a video content management system of the Chinese Reds (CMS) Company. There is a security loophole in CTCMS 2.1.2 and previous versions, which stems from the fact that unknown functions in documents/ctcms/apps/librries/CT Parser.php are inappropriate for specific elements of the template engine, which may lead to a remote attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

赤兔CMS

Published

2025-12-16

Last Modified

2026-02-24

References

https://note-hxlab.wetolink.com/share/U6cnRoRfn09r https://vuldb.com/?submit.707107 https://note-hxlab.wetolink.com/share/Ros8ZIeCLQrN https://vuldb.com/?ctiid.336488 https://vuldb.com/?id.336488 https://vuldb.com/?submit.707106 https://access.redhat.com/security/cve/cve-2025-14731

Share on: