CNNVD-202601-1941 Information

CNNVD ID

CNNVD-202601-1941

Related CVE

CVE-2022-50898

• CNNVD Published: 2026-01-13

Description (Chinese)

NanoCMS是kalyan02个人开发者的一个轻量级内容管理系统。 NanoCMS 0.4版本存在代码注入漏洞，该漏洞源于页面内容创建功能存在未经验证的文件上传漏洞，可能导致远程代码执行。

Description (English)

NanoCMS is a lightweight content management system for kalyan02 individual developers. NanoCMS version 0.4 has a code infusion loophole, which stems from an unverified file upload gap in the page content creation function, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2026-01-13

Last Modified

2026-02-24

References

https://github.com/ishell/Exploits-Archives/blob/master/2009-exploits/0904-exploits/nanocms-multi.txt https://github.com/kalyan02/NanoCMS https://www.exploit-db.com/exploits/50997 https://www.vulncheck.com/advisories/nanocms-remote-code-execution-rce-authenticated