CNNVD-202512-4118 Information

CNNVD ID

CNNVD-202512-4118

Related CVE

CVE-2021-47734

• CNNVD Published: 2025-12-23

Description (Chinese)

CMSimple是CMSimple开源的一种自由的内容管理系统。 CMSimple 5.4版本存在安全漏洞，该漏洞源于对PHP会话文件路径操作不当，可能导致本地文件包含和任意代码执行。

Description (English)

CMSimple is a free content management system for the open source of CMSimple. There is a security loophole in version 5.4 of CMSimple, which stems from the inappropriate operation of the PHP session file path, which may lead to local file inclusion and arbitrary code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CMSimple

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.cmsimple.org/en/ https://www.exploit-db.com/exploits/50547 https://www.vulncheck.com/advisories/cmsimple-authenticated-local-file-inclusion-remote-code-execution