CNNVD-202601-4937 Information

CNNVD ID

CNNVD-202601-4937

Related CVE

CVE-2020-36999

• CNNVD Published: 2026-01-29

Description (Chinese)

Elaniin CMS是Elaniin开源的一个用PHP+MySQL创建的开源内容管理系统。 Elaniin CMS 1.0版本存在SQL注入漏洞，该漏洞源于登录页面存在SQL注入，可能导致身份验证绕过。

Description (English)

Elaniin CMS is an open-source content management system created by the Elaniin Open Source (PHP+MySQL). Elaniin CMS Version 1.0 has an SQL injection loophole, which stems from the SQL injection on the login page and may result in an identification bypass.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Elaniin

Published

2026-01-29

Last Modified

2026-02-24

References

https://elaniin.com/ https://github.com/elaniin/CMS https://www.exploit-db.com/exploits/48705 https://www.vulncheck.com/advisories/elaniin-cms-authentication-bypass