CNNVD-202506-2790 Information

CNNVD ID

CNNVD-202506-2790

Related CVE

CVE-2025-6353

• CNNVD Published: 2025-06-20

Description (Chinese)

Code-Projects Responsive Blog是Code-Projects开源的一个响应式博客。 Code-Projects Responsive Blog 1.0版本存在代码注入漏洞，该漏洞源于对文件/search.php中参数keyword的错误操作导致跨站脚本。

Description (English)

The Code-Projects Responsive Blog is a responsive blog for the Code-Projects Open Source. The Code-Projects Responsive Blog Version 1.0 contains a code-injection loophole, which results from an error in the argument keyword in the file/search.php, resulting in a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Code-Projects

Published

2025-06-20

Last Modified

2026-02-24

References

https://github.com/asd1238525/cve/blob/main/xss2.md#poc https://code-projects.org/ https://vuldb.com/?submit.597260 https://vuldb.com/?ctiid.313345 https://vuldb.com/?id.313345 https://access.redhat.com/security/cve/cve-2025-6353