CNNVD-202512-5547 Information
Dec 31, 2025
cve
CNNVD ID
CNNVD-202512-5547
Related CVE
- CNNVD Published: 2025-12-31
Description (Chinese)
KodiCMS是Kohana KodiCMS开源的一个内容管理系统。 KodiCMS 13.82.135及之前版本存在SQL注入漏洞,该漏洞源于Search API Endpoint组件文件cms/modules/pages/classes/kodicms/model/page.php中like函数对参数keyword的错误操作,可能导致SQL注入。
Description (English)
KodiCMS is an open-source content management system for Kohana KodiCMS. The KodiCMS 13.82.135 and previous versions had an injection loophole in SQL, which stemmed from the error of the function of the " like " function in Search API Endpoint component file cms/modules/pages/classes/kodicms/model/page.php with respect to parameter keyword, which could lead to an injection of SQL.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Kohana KodiCMS
Published
2025-12-31
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.339161 https://vuldb.com/?id.339161 https://vuldb.com/?submit.718289
Share on: