CNNVD-202509-3767 Information

Sep 23, 2025 cve

CNNVD ID

CNNVD-202509-3767

CVE-2025-10827

  • CNNVD Published: 2025-09-23

Description (Chinese)

PHPJABBERS Restaurant Menu Maker Project是PHPJABBERS开源的一个菜单制作项目。 PHPJABBERS Restaurant Menu Maker Project 1.1及之前版本存在代码注入漏洞,该漏洞源于对文件/preview.php中参数theme的错误操作,可能导致跨站脚本攻击。

Description (English)

PHPJABBERS Restaurant Menu Maker Project is a menu-making project for PHPJABBERS open source. PHPJABBERS Restaurant Menu Maker Project 1.1 et seq. contains a code-in-code loophole that results from an error in the parameter Theme in the document/preview.php, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

PHProxy

Published

2025-09-23

Last Modified

2026-02-24

References

https://vuldb.com/?submit.655884 https://vuldb.com/?ctiid.325184 https://vuldb.com/?id.325184 https://github.com/485961590/CVE/issues/1 https://access.redhat.com/security/cve/cve-2025-10827

Share on: