CNNVD-202509-3997 Information
Sep 25, 2025
cve
CNNVD ID
CNNVD-202509-3997
Related CVE
- CNNVD Published: 2025-09-25
Description (Chinese)
smsboom是QuitDropdatabaseFalse个人开发者的一个短信轰炸软件。 smsboom 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674及之前版本存在代码注入漏洞,该漏洞源于对文件dy.php中参数hm的错误操作,可能导致跨站脚本攻击。
Description (English)
The smsboom is a text message bombing software for QuitDropdatabaseFalse personal developer. Smsboom 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674 and previous versions have a code-injecting loophole, which stems from an error in the application of the parameter hm in file dy.php, which could result in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
LitexMedia
Published
2025-09-25
Last Modified
2026-02-24
References
https://github.com/nuz007/smsboom/blob/main/dy.php#L20 https://vuldb.com/?ctiid.325816 https://vuldb.com/?id.325816 https://vuldb.com/?submit.651887
Share on: