CNNVD-202601-3062 Information

CNNVD ID

CNNVD-202601-3062

Related CVE

CVE-2026-1152

• CNNVD Published: 2026-01-19

Description (Chinese)

mpay是中国technical-laohu开源的一款便捷收款工具。 mpay 1.2.4及之前版本存在代码问题漏洞，该漏洞源于对参数codeimg的错误操作，可能导致任意文件上传。

Description (English)

mpay is an easy-to-receiving tool from China ’ s telenic-laohu open source. mpay 1.2.4 and previous versions had a code problem loophole, which stemmed from a mishandling of the parameter codeimg and could lead to the uploading of any document.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

technical-laohu

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/bdkuzma/vuln/issues/17 https://vuldb.com/?ctiid.341745 https://vuldb.com/?id.341745 https://vuldb.com/?submit.735775