Browse all 4 CVE security advisories affecting CTCMS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CTCMS is a content management system designed for creating and managing websites, with a core use case of enabling non-technical users to publish digital content. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The system's four recorded CVEs highlight these recurring weaknesses, particularly in input validation and access control mechanisms. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched implementations, emphasizing the need for regular updates and secure configuration practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14731 | CTCMS Content Management System Frontend/Template Management CT_Parser.php special elements used in a template engine — Content Management SystemCWE-1336 | 6.3 | Medium | 2025-12-15 |
| CVE-2025-14730 | CTCMS Content Management System Backend System Configuration Ct_Config.php code injection — Content Management SystemCWE-94 | 4.7 | Medium | 2025-12-15 |
| CVE-2025-14729 | CTCMS Content Management System Backend App Configuration Ct_App.php save code injection — Content Management SystemCWE-94 | 4.7 | Medium | 2025-12-15 |
| CVE-2025-4545 | CTCMS Content Management System File Tpl.php del path traversal — Content Management SystemCWE-22 | 5.4 | Medium | 2025-05-11 |
This page lists every published CVE security advisory associated with CTCMS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.