CVE-2025-9398— Yifang CMS 安全漏洞

YiFang CMS Migrate.php exportInstallTable information disclosure

A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this vulnerability is the function exportInstallTable of the file app/utils/base/database/Migrate.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

信息暴露

Yifang CMS 安全漏洞

Yifang CMS是中国亿坊（Yifang）公司的一个PHP企业网站开发建设管理系统。 Yifang CMS 2.0.5及之前版本存在安全漏洞，该漏洞源于文件app/utils/base/database/Migrate.php中exportInstallTable函数存在信息泄露。

N/A

N/A