Home

Description

jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter.

PUBLISHED Reserved 2026-01-09 | Published 2026-02-17 | Updated 2026-02-19 | Assigner mitre

References

jizhicms.com

www.23882.me/...p/2026/02/15/jizhicms-后台存在sql注入/

cve.org (CVE-2025-70397)

nvd.nist.gov (CVE-2025-70397)

Download JSON