CNNVD-202602-845 Information
Feb 05, 2026
cve
CNNVD ID
CNNVD-202602-845
Related CVE
- CNNVD Published: 2026-02-05
Description (Chinese)
JIZHICMS(极致CMS)是中国极致(JIZHI)公司的一套开源的内容管理系统(CMS)。 JIZHICMS 1.6.7版本存在代码问题漏洞,该漏洞源于管理员插件更新端点存在文件下载漏洞,可能导致经过身份验证的管理员下载任意文件。
Description (English)
JIZHICMS (extremely CMS) is an open-source content management system (CMS) of the Chinese company JIZHI. There is a code gap in version 1.6.7 of JIZHICMS, which stems from a file download gap at the administrator ’ s update end point, which may lead to any file being downloaded by an identified administrator.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
极致
Published
2026-02-05
Last Modified
2026-02-24
References
https://www.exploit-db.com/exploits/48361 https://www.jizhicms.cn/ https://www.vulncheck.com/advisories/jizhicms-arbitrary-file-download
Patch
https://gitee.com/Cherry_toto/jizhicms/releases
Share on: