Vulnerability Description
A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is able to address this issue. The patch is named 935aceb4c21338633de6d41e13332f7b9db4fa6a. It is recommended to upgrade the affected component.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ideacms | Ideacms | <= 1.7 |
Related Weaknesses (CWE)
References
- https://gitee.com/ideacms/ideacms/commit/935aceb4c21338633de6d41e13332f7b9db4fa6Permissions Required
- https://gitee.com/ideacms/ideacms/issues/ICBVWEExploitIssue TrackingVendor Advisory
- https://gitee.com/ideacms/ideacms/issues/ICBVWE#note_42016626_linkExploitIssue TrackingVendor Advisory
- https://gitee.com/ideacms/ideacms/releases/tag/v1.8Release Notes
- https://vuldb.com/?ctiid.311027Permissions RequiredVDB Entry
- https://vuldb.com/?id.311027Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.588372Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-5569?
CVE-2025-5569 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argumen...
How severe is CVE-2025-5569?
CVE-2025-5569 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5569?
Check the references section above for vendor advisories and patch information. Affected products include: Ideacms Ideacms.