CNNVD-202506-2783 Information

Jun 20, 2025 cve

CNNVD ID

CNNVD-202506-2783

CVE-2025-6347

CNNVD Published: 2025-06-20

Description (Chinese)

Code-Projects Responsive Blog是Code-Projects开源的一个响应式博客。 Code-Projects Responsive Blog 1.0/1.12.4/3.3.4版本存在代码注入漏洞，该漏洞源于对文件/responsive/resblog/blogadmin/admin/pageViewMembers.php的错误操作导致跨站脚本。

Description (English)

The Code-Projects Responsive Blog is a responsive blog for the Code-Projects Open Source. The Code-Projects Responsive Blog Version 1.0/1.12.4/3.3.4 contains a code-injection loophole, which results from a wrong operation to document/responsive/resblog/blogmin/admin/pageViewMembers.php resulting in a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Code-Projects

Published

2025-06-20

Last Modified

2026-02-24

References

https://vuldb.com/?id.313342 https://vuldb.com/?submit.595676 https://code-projects.org/ https://vuldb.com/?ctiid.313342 https://gist.github.com/0xCaptainFahim/8bb9021dcea33863eaf0279aaca2671c https://access.redhat.com/security/cve/cve-2025-6347

Share on: