CNNVD-202601-3980 Information
Jan 23, 2026
cve
CNNVD ID
CNNVD-202601-3980
Related CVE
- CNNVD Published: 2026-01-23
Description (Chinese)
Textpattern是Textpattern团队的一款简洁而又漂亮的Blog引擎。 Textpattern 4.8.3之前版本存在安全漏洞,该漏洞源于允许上传恶意PHP文件,可能导致远程代码执行。
Description (English)
Textpattern is a simple and beautiful Blog engine for the Textpattern team. There was a security loophole in the previous version of Textpattern 4.8.3, which stemmed from allowing the uploading of malicious PHP files, which could lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Textpattern
Published
2026-01-23
Last Modified
2026-02-24
References
https://textpattern.com/ https://textpattern.com/start https://www.exploit-db.com/exploits/49620 https://www.vulncheck.com/advisories/textpattern-remote-code-execution