4 matches found
CVE-2025-11904
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2025-11904
ChanCMS up to version 3.3.2 contains a SQL injection vulnerability in the file /cms/model/hasUse, caused by unsafely handling the parameter ID. Multiple connected sources (CNVD-2025-24732, RH:CVE-2025-11904, CNNVD-202510-2437, NVD/CVE-2025-11904, etc.) describe that external SQL statements can be...
CVE-2025-11904 yanyutao0402 ChanCMS hasUse sql injection
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The...
EUVD-2025-34885
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The...