CNNVD-202512-3155 Information

CNNVD ID

CNNVD-202512-3155

Related CVE

CVE-2023-53914

• CNNVD Published: 2025-12-17

Description (Chinese)

UliCMS是UliCMS开源的一个内容管理系统（CMS）。该系统支持访问控制和所见即所得编辑等功能。 UliCMS 2023.1版本存在安全漏洞，该漏洞源于UserController中批量赋值不当，可能导致身份验证绕过。

Description (English)

UlICMS is a UliCMS open source content management system (CMS). The system supports features such as access control and the resulting editing. UliCMS version 2023.1 contains a security loophole, which stems from the inappropriate bulk value in the UserController, which may lead to a circumvention of identification.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

UliCMS

Published

2025-12-17

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/ulicms-authentication-bypass-via-mass-assignment-vulnerability https://en.ulicms.de/ https://web.archive.org/web/20230314183734/ https://www.exploit-db.com/exploits/51486 https://access.redhat.com/security/cve/cve-2023-53914