CNNVD-202512-577 Information
CNNVD ID
CNNVD-202512-577
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
XunRuiCMS(迅睿CMS)是XunRuiCMS个人开发者的一个内容管理系统。 XunRuiCMS 4.7.1及之前版本存在代码注入漏洞,该漏洞源于对文件/admin79f2ec220c7e.php中组件Domain Name Binding Page的错误操作,可能导致跨站脚本。
Description (English)
XunRuiCMS (Wise CMS) is a content management system for XunruiCMS personal developers. XunRuiCMS 4.7.1 and previous versions have a code-injecting loophole, which results from an error in the operation of the Domain Name Binding Page in the file/admin79f2ec220c7e.php, which may result in a cross-site script.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-12-04
Last Modified
2026-02-24
References
https://github.com/24-2021/vul/blob/main/xunruicms-site_domain%2Bmobile_demo-URL%20redirection%20causing%20remote%20XSS/xunruicms-site_domain%2Bmobile_demo-URL%20redirection%20causing%20remote%20XSS.md https://vuldb.com/?ctiid.334249 https://vuldb.com/?id.334249 https://vuldb.com/?submit.692914
Share on: