CNNVD-202506-3603 Information

Jun 27, 2025 cve

CNNVD ID

CNNVD-202506-3603

CVE-2025-6778

CNNVD Published: 2025-06-27

Description (Chinese)

Code-Projects Food Distributor Site是Code-Projects开源的一个食品分销商网站。 Code-Projects Food Distributor Site 1.0版本存在代码注入漏洞，该漏洞源于文件/admin/save_settings.php中参数site_phone/site_email/address的错误操作导致跨站脚本。

Description (English)

Code-Projects Food Distributor Site is a food distributor ’ s website that is open to Code-Projects. The Code-Projects Food Distributor Site 1.0 contains a code-injecting loophole, which stems from the error of the parameter site phone/site email/address in the file/admin/save settings.php.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Code-Projects

Published

2025-06-27

Last Modified

2026-02-24

References

https://code-projects.org/ https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%202.md https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%203.md https://vuldb.com/?ctiid.314094 https://vuldb.com/?id.314094 https://vuldb.com/?submit.602600 https://vuldb.com/?submit.602601 https://vuldb.com/?submit.602602 https://access.redhat.com/security/cve/cve-2025-6778

Share on: