CVE-2025-11903 | yanyutao0402 ChanCMS up to 3.3.2 /cms/article/update cid sql injection

A vulnerability labeled as critical has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing manipulation of the argument cid can lead to sql injection.

This vulnerability is tracked as CVE-2025-11903. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More