CVE-2025-1890 in shishuocms情報

要約

〜によって MITRE • 2025年03月04日

A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability affects the function handleRequest of the file src/main/java/com/shishuo/cms/action/manage/ManageUpLoadAction.java. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

VulDB

公開

2025年03月04日

モデレーション

承諾済み

エントリ

VDB-298408

CPE

準備完了

CWE

CWE-434 (確認済み)

エクスプロイト

ダウンロード

CVSS

9.8 (NVD)

EPSS

0.00210

KEV

いいえ

アクティビティ

非常低い

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-1890
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-1890
CVE Details	https://www.cvedetails.com/cve/CVE-2025-1890/

◂ 前概要次 ▸

Do you know our Splunk app?

Download it now for free!