CNNVD-202512-4887 Information

CNNVD ID

CNNVD-202512-4887

Related CVE

CVE-2025-15130

• CNNVD Published: 2025-12-28

Description (Chinese)

SyCms是shanyu个人开发者的一个内容管理系统。 SyCms存在代码注入漏洞，该漏洞源于文件Application/Admin/Controller/FileManageController.class.php中函数addPost的错误操作，可能导致代码注入。

Description (English)

SyCms is a content management system for Shanyu personal developers. SyCms has a code-injection loophole, which results from an error in the function addPost in file Application/Admin/Controller/FileManageController.class.php, which may result in code injection.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-12-28

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.338508 https://vuldb.com/?id.338508 https://vuldb.com/?submit.712813 https://gitee.com/shanyu/SyCms/issues/IDCEWG https://access.redhat.com/security/cve/cve-2025-15130