PT-2025-30728 · Chancms · Chancms
Zast.Ai
·
Published
2025-07-25
·
Updated
2025-07-25
·
CVE-2025-8132
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
yanyutao0402 ChanCMS versions up to 3.1.2
Description
A path traversal issue exists in the
delfile function of the app/extend/utils.js file. This issue may be exploited remotely. The exploit has been publicly disclosed.Recommendations
Upgrade to version 3.1.3 to address this issue. The patch identifier is c8a282bf02a62b59ec60b4699e91c51aff2ee9cd.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Chancms