CNNVD-202601-743 Information
CNNVD ID
CNNVD-202601-743
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
PluXml是PluXml开源的一个免费的开源内容管理系统,不需要数据库即可工作。 PluXml 5.8.22及之前版本存在代码问题漏洞,该漏洞源于对组件Media Management Module中文件core/admin/medias.php内参数File的错误操作,可能导致反序列化攻击。
Description (English)
PluXml is a free open-source content management system for the PluXml open source, which can work without a database. PluXml 5.8.22 and previous versions had a code problem loophole, which stemmed from an error in File, the parameter in document core/admin/medias.php in component Media Management Module, which could lead to a back-serialization attack.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
PluXml
Published
2026-01-02
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.339383 https://vuldb.com/?id.339383 https://vuldb.com/?submit.713989 https://note-hxlab.wetolink.com/share/9SJUnaDcJuqz https://access.redhat.com/security/cve/cve-2025-15438
Share on: