CVE-2025-11331 | IdeaCMS up to 1.8 Website Name Config.php 网站名称 command injection

A vulnerability was found in IdeaCMS up to 1.8. It has been classified as critical. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection.

This vulnerability was named CVE-2025-11331. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More