CNNVD-202506-3675 Information

CNNVD ID

CNNVD-202506-3675

Related CVE

CVE-2025-6849

• CNNVD Published: 2025-06-29

Description (Chinese)

Code-Projects Simple Forum是Code-Projects开源的一个简易论坛。 Code-Projects Simple Forum 1.0版本存在代码注入漏洞，该漏洞源于对文件/forum_edit1.php中参数text的错误操作导致跨站脚本。

Description (English)

Code-Projects Simple Forum is a simple open-source forum for Code-Projects. The Code-Projects Simple Forum Version 1.0 contains a code-injection loophole resulting from an error in the text of the parameter in file/forum edit1.php, resulting in a cross-site script.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Code-Projects

Published

2025-06-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.603351 https://vuldb.com/?ctiid.314292 https://code-projects.org/ https://vuldb.com/?id.314292 https://github.com/ez-lbz/poc/issues/19 https://access.redhat.com/security/cve/cve-2025-6849