CNNVD-202509-1093 Information

Sep 08, 2025 cve

CNNVD ID

CNNVD-202509-1093

CVE-2025-40642

CNNVD Published: 2025-09-08

Description (Chinese)

Codester WebWork - PHP Search Engine Script是Codester开源的一个搜索引擎脚本。 Codester WebWork - PHP Search Engine Script存在跨站脚本漏洞，该漏洞源于对参数q和engine的错误操作可能导致反射型跨站脚本。

Description (English)

Codester WebWork - PHP Search Engineering Script is a search engine script from Codester Open Source. Codester WebWork - PHP Search Engineering Script has a cross-site script loophole, which stems from errors in the application of parameters q and engine that may result in a reflector-type cross-site script.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Codester

Published

2025-09-08

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-webwork

Share on: