CNNVD-202512-2813 Information
CNNVD ID
CNNVD-202512-2813
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
websitebaker是个人开发者的一个基于PHP的内容管理系统。它的特点包括基于模板的前台界面,分页支持, 多用户管理等。 WebsiteBaker 2.13.3版本存在安全漏洞,该漏洞源于目录遍历漏洞,可能导致认证攻击者删除任意文件。
Description (English)
Websitebaker is a PHP-based content management system for individual developers. Its features include template-based front-office interfaces, page break support, multi-user management, etc. There is a security loophole in WebsiteBaker 2.13.3, which stems from a loophole in the catalogue that could lead to the authentication of the assailants to remove any document.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-16
Last Modified
2026-02-24
References
https://websitebaker.org/pages/en/home.php https://www.exploit-db.com/exploits/51554 https://www.vulncheck.com/advisories/websitebaker-directory-traversal-via-media-delete-endpoint
Patch
https://addon.websitebaker.org/en/browse-add-ons/?type=5&cid=997
Share on: