CNNVD-202508-2356 Information

CNNVD ID

CNNVD-202508-2356

Related CVE

CVE-2025-9237

• CNNVD Published: 2025-08-20

Description (Chinese)

CodeAstro Ecommerce Website是CodeAstro公司的一个电子商务网站。 CodeAstro Ecommerce Website 1.0版本存在安全漏洞，该漏洞源于对文件/customer/my_account.php中参数Username的错误操作导致跨站脚本攻击。

Description (English)

CodeAstro Ecommerce Website is an e-commerce website of CodeAstro. The CodeAstro Ecommerce Website Version 1.0 contains a security loophole resulting from an error in the use of the parameter Username in the document/customer/my account.php, resulting in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

CodeAstro

Published

2025-08-20

Last Modified

2026-02-24

References

https://vuldb.com/?submit.631136 https://vuldb.com/?id.320770 https://vuldb.com/?ctiid.320770 https://gist.github.com/0xSebin/bb6781e5977bda36610fda20861a5bbe#steps-to-reproduce https://codeastro.com/ https://nvd.nist.gov/vuln/detail/CVE-2025-9237