CNNVD-202512-3323 Information

CNNVD ID

CNNVD-202512-3323

Related CVE

CVE-2025-14837

• CNNVD Published: 2025-12-18

Description (Chinese)

ZZCMS是中国ZZCMS团队的一套内容管理系统（CMS）。 ZZCMS 2025版本存在代码注入漏洞，该漏洞源于对后端网站设置模块文件/admin/siteconfig.php中参数icp的错误操作，可能导致代码注入。

Description (English)

ZZCMS is a content management system (CMS) for the ZZCMS team in China. Version ZCMS 2025 has a code infusion loophole, which results from an error in the icp parameter in the backend set-up module file/admin/siteconfig.php, which may result in a code infusion.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

ZZCMS

Published

2025-12-18

Last Modified

2026-02-24

References

https://vuldb.com/?submit.711655 https://vuldb.com/?ctiid.336987 https://vuldb.com/?id.336987 https://note-hxlab.wetolink.com/share/ekNgcv2wVBya https://access.redhat.com/security/cve/cve-2025-14837