CNNVD-202601-769 Information
CNNVD ID
CNNVD-202601-769
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
EmpireSoft EmpireCMS(帝国内容管理系统)是EmpireSoft公司的一套开源内容管理系统(CMS)。 EmpireSoft EmpireCMS 8.0及之前版本存在代码问题漏洞,该漏洞源于对文件e/class/connect.php中函数CheckSaveTranFiletype的错误操作,可能导致任意文件上传。
Description (English)
EmpireSoft EmpireCMS (the Imperial Content Management System) is an open-source content management system (CMS) for EmpireSoft. There is a code problem loophole in EmpireSoft EmpireCMS 8.0 and previous versions, which stems from an error in the function of CheckSaveTranFiletype in document e/class/contract.php, which may lead to any upload of the file.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
帝国软件
Published
2026-01-02
Last Modified
2026-02-24
References
https://note-hxlab.wetolink.com/share/28QXRLje7Uz1 https://note-hxlab.wetolink.com/share/28QXRLje7Uz1#-span–strong-proof-of-concept—strong—span- https://vuldb.com/?ctiid.339345 https://vuldb.com/?id.339345 https://vuldb.com/?submit.721346 https://access.redhat.com/security/cve/cve-2025-15423
Share on: