CNNVD-202601-2885 Information
Jan 16, 2026
cve
CNNVD ID
CNNVD-202601-2885
Related CVE
- CNNVD Published: 2026-01-16
Description (Chinese)
Phpwcms是Phpwcms开源的一个内容管理系统。 Phpwcms 1.9.30版本存在安全漏洞,该漏洞源于允许经过身份验证的攻击者上传恶意SVG文件,可能导致跨站脚本攻击。
Description (English)
Phpwcms is an open-source content management system for Phpwcms. Version 1.9.30 of Phpwcms contains a security loophole, which stems from the fact that an identified assailant is allowed to upload malicious SVG documents, which could lead to a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Phpwcms
Published
2026-01-16
Last Modified
2026-02-24
References
http://www.phpwcms.org/ https://www.exploit-db.com/exploits/50363 https://www.vulncheck.com/advisories/phpwcms-arbitrary-file-upload
Share on: