Neto CMS 安全漏洞

Neto CMS is an e-commerce platform from Neto Australia. A security vulnerability exists in Neto CMS versions v6.313.0 through v6.314.0 that originates from a specially crafted HTTP request resulting in a CRLF injection that may execute arbitrary code...

CVE-2025-28357

Summary: CVE-2025-28357 is a CRLF injection vulnerability in Neto CMS versions 6.313.0–6.314.0 that enables arbitrary code execution via a crafted HTTP request. The root cause is insufficient input validation around carriage return/line feed characters in requests. Impact: high (remote attacker w...