CVE Tools

chancms

Web & CMS Pluginscommercial

11

Cumulative CVEs

2

Monthly snapshots

#141

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting chancms.

CVE-2025-65602A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.9.8Dec 10, 2025
CVE-2025-11905yanyutao0402 ChanCMS gather.js getArticle code injection6.3Oct 17, 2025
CVE-2025-11904yanyutao0402 ChanCMS hasUse sql injection6.3Oct 17, 2025
CVE-2025-11903yanyutao0402 ChanCMS update sql injection6.3Oct 17, 2025
CVE-2025-11902yanyutao0402 ChanCMS findField sql injection6.3Oct 17, 2025
CVE-2025-10211yanyutao0402 ChanCMS getArticle CollectController server-side request forgery6.3Sep 10, 2025
CVE-2025-10210yanyutao0402 ChanCMS Api.js search sql injection6.3Sep 10, 2025
CVE-2025-10110ChanCMS search sql injection6.3Sep 8, 2025
CVE-2025-10106yanyutao0402 ChanCMS search sql injection6.3Sep 8, 2025
CVE-2025-10105yanyutao0402 ChanCMS search sql injection6.3Sep 8, 2025
CVE-2025-8266yanyutao0402 ChanCMS collect.js getArticle deserialization6.3Jul 28, 2025
CVE-2025-8228yanyutao0402 ChanCMS getPages server-side request forgery6.3Jul 27, 2025
CVE-2025-8227yanyutao0402 ChanCMS getArticle deserialization6.3Jul 27, 2025
CVE-2025-8226yanyutao0402 ChanCMS find information disclosure4.3Jul 27, 2025
CVE-2025-8133yanyutao0402 ChanCMS gather.js getArticle server-side request forgery6.3Jul 25, 2025