CVE-2025-25784 Information

Description

An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file.

Reference

http://jizhicms.com https://github.com/Ka7arotto/JizhiCms/blob/main/jizhicms.md https://www.jizhicms.cn/