CNNVD-202601-765 Information
CNNVD ID
CNNVD-202601-765
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
H-ui.admin是jackying个人开发者的一个网站后台模版。 H-ui.admin 3.1及之前版本存在代码问题漏洞,该漏洞源于对库文件/lib/webuploader/0.1.5/server/preview.php的错误操作,可能导致任意文件上传。
Description (English)
H-ui.admin is a back-office template for a Jackying personal developer. H-ui.admin 3.1 and previous versions had a code problem loophole, which stemmed from an error in the library document/lib/webuploader/0.1.5/server/preview.php, which could lead to any uploading of the document.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2026-01-02
Last Modified
2026-02-24
References
https://github.com/TiKi-r/CVE-Report/blob/main/H-ui.admin%20RCE.md https://github.com/TiKi-r/CVE-Report/blob/main/H-ui.admin%20RCE.md#4-proof-of-concept-poc https://vuldb.com/?ctiid.339348 https://vuldb.com/?id.339348 https://vuldb.com/?submit.721457 https://access.redhat.com/security/cve/cve-2025-15426
Share on: