CNNVD-202602-2195 Information

CNNVD ID

CNNVD-202602-2195

Related CVE

CVE-2025-70866

• CNNVD Published: 2026-02-13

Description (Chinese)

Lavalite CMS是一套基于PHP的开源内容管理系统（CMS）。 LavaLite CMS 10.1.0版本存在安全漏洞，该漏洞源于访问控制不当，可能导致低权限用户直接访问管理后台。

Description (English)

Lavalite CMS is an open-source content management system (CMS) based on PHP. There is a security loophole in version 10.1.0 of the Lavallite CMS, which stems from inadequate access controls and may lead to direct access to the management backstage by low-permit users.

Vulnerability Type

其他

Affected Vendor

Lavalite

Published

2026-02-13

Last Modified

2026-02-24

References

https://gist.github.com/gkjzjh146/6d541c80b0666a596581ccd85bd10058 https://github.com/LavaLite/cms/releases/tag/v10.1.0