CNNVD-202512-4115 Information

CNNVD ID

CNNVD-202512-4115

Related CVE

CVE-2021-47735

• CNNVD Published: 2025-12-23

Description (Chinese)

CMSimple是CMSimple开源的一种自由的内容管理系统。 CMSimple 5.4版本存在代码注入漏洞，该漏洞源于模板编辑功能对输入验证不足，可能导致远程代码执行。

Description (English)

CMSimple is a free content management system for the open source of CMSimple. Version 5.4 of the CMSimple 5.4 contains a code-injection loophole, which stems from the lack of input validation for template editing functions, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

CMSimple

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.cmsimple.org/ https://www.exploit-db.com/exploits/50356 https://www.vulncheck.com/advisories/cmsimple-authenticated-remote-code-execution-via-template-editing