CNNVD-202509-1725 Information
Sep 11, 2025
cve
CNNVD ID
CNNVD-202509-1725
Related CVE
- CNNVD Published: 2025-09-11
Description (Chinese)
PHP-Code-For-Unlimited-File-Upload是Lokesh Kumar个人开发者的一个用于多个文件传输的软件。 PHP-Code-For-Unlimited-File-Upload存在代码注入漏洞,该漏洞源于对文件/f.php中参数h的错误操作,可能导致跨站脚本攻击。
Description (English)
PHP-Code-For-Unlimied-File-Upload is a software used by Lokesh Kumar’s personal developer for multiple file transfers. PHP-Code-For-Unlimied-File-Upload has a code-injecting loophole, which stems from a wrong operation on parameter h in file/f.php, which may result in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-09-11
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.323546 https://vuldb.com/?id.323546 https://vuldb.com/?submit.642206
Share on: