CNNVD-202512-3920 Information

CNNVD ID

CNNVD-202512-3920

Related CVE

CVE-2023-53975

• CNNVD Published: 2025-12-22

Description (Chinese)

Atom CMS是The Digital Craft开源的一个内容管理系统。 Atom CMS 2.0版本存在SQL注入漏洞，该漏洞源于admin index页面的id参数存在未经验证的SQL注入，可能导致远程攻击者操纵数据库查询。

Description (English)

Atom CMS is a content management system for the Digital Craft open source. Version 2.0 of Atom CMS has an injection loophole in SQL, which originates from the unverified SQL injection of id parameters on the admin index page, which may lead to remote attackers manipulating database queries.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

The Digital Craft

Published

2025-12-22

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/atom-cms-unauthenticated-sql-injection-via-admin-index-page https://www.exploit-db.com/exploits/51086 https://github.com/thedigicraft/Atom.CMS https://access.redhat.com/security/cve/cve-2023-53975