CNNVD-202602-1861 Information

CNNVD ID

CNNVD-202602-1861

Related CVE

CVE-2020-37186

• CNNVD Published: 2026-02-11

Description (Chinese)

Chevereto是一个图床程序。 Chevereto 3.13.4 Core版本存在代码注入漏洞，该漏洞源于数据库表前缀参数处理不当，可能导致远程代码执行。

Description (English)

Chevereto is a bedmaking program. The Chevereto 3.13.4 Core version contains a code-injection loophole, which stems from the inappropriate handling of prefix parameters in the database table, which may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

代码注入

Affected Vendor

Chevereto

Published

2026-02-11

Last Modified

2026-02-24

References

https://chevereto.com/ https://github.com/Chevereto/Chevereto-Free/releases https://www.exploit-db.com/exploits/47903 https://www.vulncheck.com/advisories/chevereto-core-remote-code-execution