CNNVD-202601-944 Information
CNNVD ID
CNNVD-202601-944
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
MiniCMS是达达(bg5sbk)个人开发者的一个针对个人网站设计的微型内容管理系统。 MiniCMS 1.8及之前版本存在授权问题漏洞,该漏洞源于对组件Trash File Restore Handler的文件/minicms/mc-admin/post.php的错误操作,可能导致身份验证不当。
Description (English)
MiniCMS is a micro-content management system designed for individual websites by the individual developer of Bg5sbk. MiniCMS 1.8 and previous versions had a mandate gap, which stemmed from the error in the document/minics/mc-admin/post.php of the component Trash File Resource Handler, which could lead to improper identification.
Hazard Level
Medium
Vulnerability Type
授权问题
Affected Vendor
个人开发者
Published
2026-01-05
Last Modified
2026-02-24
References
https://github.com/ueh1013/VULN/issues/12 https://vuldb.com/?id.339490 https://vuldb.com/?ctiid.339490 https://vuldb.com/?submit.725139 https://access.redhat.com/security/cve/cve-2025-15457
Patch
https://github.com/bg5sbk/MiniCMS/releases
Share on: