CNNVD-202512-5530 Information

CNNVD ID

CNNVD-202512-5530

Related CVE

CVE-2025-15393

• CNNVD Published: 2025-12-31

Description (Chinese)

KodiCMS是Kohana KodiCMS开源的一个内容管理系统。 KodiCMS 13.82.135及之前版本存在代码注入漏洞，该漏洞源于Layout API Endpoint组件文件cms/modules/kodicms/classes/kodicms/model/file.php中Save函数对参数content的错误操作，可能导致代码注入。

Description (English)

KodiCMS is an open-source content management system for Kohana KodiCMS. There is a code injection loophole in KodiCMS 13.82.135 and previous versions, which stems from the error of the Save function in the Layout API Endpoint component file, cms/modules/kodicms/classes/kodicms/mode/file.php on parameters, which may lead to code injection.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

Kohana KodiCMS

Published

2025-12-31

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.339162 https://vuldb.com/?id.339162 https://vuldb.com/?submit.718290