cnvd - cnvd-2021-64480

CNVD-2021-64480

Vulnerability from cnvd - Published: 2021-08-24

Title

CSZ CMS存在未明漏洞

Description

CSZ CMS是一套基于PHP的开源内容管理系统（CMS）。 CSZ CMS 的1.2.9版本存在安全漏洞，该漏洞源于CSZ CMS容易受到任意文件删除的影响。在PHP中，当调用unlink()函数时，用户输入可能会影响部分或整个受影响参数(表示要删除的文件路径，但没有进行充分的清理)，就会发生这种情况。目前没有详细的漏洞细节提供。

Severity

中

Patch Name

CSZ CMS存在未明漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.cszcms.com/

Reference

https://github.com/cskaza/cszcms/issues/32

Impacted products

Name
csz cms CSZ CMS 1.2.9

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-37144"
    }
  },
  "description": "CSZ CMS\u662f\u4e00\u5957\u57fa\u4e8ePHP\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002\n\nCSZ CMS \u76841.2.9\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eCSZ CMS\u5bb9\u6613\u53d7\u5230\u4efb\u610f\u6587\u4ef6\u5220\u9664\u7684\u5f71\u54cd\u3002\u5728PHP\u4e2d\uff0c\u5f53\u8c03\u7528unlink()\u51fd\u6570\u65f6\uff0c\u7528\u6237\u8f93\u5165\u53ef\u80fd\u4f1a\u5f71\u54cd\u90e8\u5206\u6216\u6574\u4e2a\u53d7\u5f71\u54cd\u53c2\u6570(\u8868\u793a\u8981\u5220\u9664\u7684\u6587\u4ef6\u8def\u5f84\uff0c\u4f46\u6ca1\u6709\u8fdb\u884c\u5145\u5206\u7684\u6e05\u7406)\uff0c\u5c31\u4f1a\u53d1\u751f\u8fd9\u79cd\u60c5\u51b5\u3002 \u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.cszcms.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-64480",
  "openTime": "2021-08-24",
  "patchDescription": "CSZ CMS\u662f\u4e00\u5957\u57fa\u4e8ePHP\u7684\u5f00\u6e90\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\uff08CMS\uff09\u3002\r\n\r\nCSZ CMS \u76841.2.9\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eCSZ CMS\u5bb9\u6613\u53d7\u5230\u4efb\u610f\u6587\u4ef6\u5220\u9664\u7684\u5f71\u54cd\u3002\u5728PHP\u4e2d\uff0c\u5f53\u8c03\u7528unlink()\u51fd\u6570\u65f6\uff0c\u7528\u6237\u8f93\u5165\u53ef\u80fd\u4f1a\u5f71\u54cd\u90e8\u5206\u6216\u6574\u4e2a\u53d7\u5f71\u54cd\u53c2\u6570(\u8868\u793a\u8981\u5220\u9664\u7684\u6587\u4ef6\u8def\u5f84\uff0c\u4f46\u6ca1\u6709\u8fdb\u884c\u5145\u5206\u7684\u6e05\u7406)\uff0c\u5c31\u4f1a\u53d1\u751f\u8fd9\u79cd\u60c5\u51b5\u3002 \u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CSZ CMS\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "csz cms CSZ CMS  1.2.9"
  },
  "referenceLink": "https://github.com/cskaza/cszcms/issues/32",
  "serverity": "\u4e2d",
  "submitTime": "2021-08-03",
  "title": "CSZ CMS\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2021-37144 (GCVE-0-2021-37144)

Vulnerability from cvelistv5 – Published: 2021-07-29 17:25 – Updated: 2024-08-04 01:16

Summary

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://github.com/cskaza/cszcms/issues/32

x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:16:03.094Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cskaza/cszcms/issues/32"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-29T17:25:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cskaza/cszcms/issues/32"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-37144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/cskaza/cszcms/issues/32",
              "refsource": "MISC",
              "url": "https://github.com/cskaza/cszcms/issues/32"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-37144",
    "datePublished": "2021-07-29T17:25:02",
    "dateReserved": "2021-07-21T00:00:00",
    "dateUpdated": "2024-08-04T01:16:03.094Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-64480

CVE-2021-37144 (GCVE-0-2021-37144)

Tags

Sightings

Nomenclature