CNNVD-202601-946 Information
CNNVD ID
CNNVD-202601-946
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
MiniCMS是达达(bg5sbk)个人开发者的一个针对个人网站设计的微型内容管理系统。 MiniCMS 1.8及之前版本存在授权问题漏洞,该漏洞源于对组件File Recovery Request Handler的文件/minicms/mc-admin/page.php中函数delete_page的错误操作,可能导致身份验证不当。
Description (English)
MiniCMS is a micro-content management system designed for individual websites by the individual developer of Bg5sbk. There is a mandate gap in MiniCMS 1.8 and previous versions, which stems from an error in the document/minicms/mc-admin/page.php function of Component File Request Handler, which may lead to inappropriate authentication.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
个人开发者
Published
2026-01-05
Last Modified
2026-02-24
References
https://github.com/ueh1013/VULN/issues/14 https://vuldb.com/?id.339488 https://vuldb.com/?ctiid.339488 https://vuldb.com/?submit.725137 https://access.redhat.com/security/cve/cve-2025-15455
Patch
https://github.com/bg5sbk/MiniCMS/releases
Share on: