A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
References
| Link | Resource |
|---|---|
| https://github.com/ueh1013/VULN/issues/9 | Exploit Issue Tracking Third Party Advisory |
| https://vuldb.com/?ctiid.339491 | Permissions Required VDB Entry |
| https://vuldb.com/?id.339491 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.725142 | Third Party Advisory VDB Entry |
| https://github.com/ueh1013/VULN/issues/9 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
15 Jan 2026, 20:30
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:1234n:minicms:*:*:*:*:*:*:*:* | |
| CWE | NVD-CWE-noinfo | |
| First Time |
1234n minicms
1234n |
|
| References | () https://github.com/ueh1013/VULN/issues/9 - Exploit, Issue Tracking, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.339491 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.339491 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.725142 - Third Party Advisory, VDB Entry |
06 Jan 2026, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/ueh1013/VULN/issues/9 - |
05 Jan 2026, 05:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-01-05 05:15
Updated : 2026-01-15 20:30
NVD link : CVE-2025-15458
Mitre link : CVE-2025-15458
CVE.ORG link : CVE-2025-15458
JSON object : View
Products Affected
1234n
- minicms
CWE