CNNVD-202509-4003 Information

CNNVD ID

CNNVD-202509-4003

Related CVE

CVE-2025-10943

• CNNVD Published: 2025-09-25

Description (Chinese)

WeChat-Face-Recognition是Mike Cen个人开发者的一个微信管理平台人脸识别程序。 WeChat-Face-Recognition存在代码注入漏洞，该漏洞源于对文件wx.php中参数echostr的错误操作，可能导致跨站脚本攻击。

Description (English)

WeChat-Face-Recognition is a face recognition program for Mike Can’s personal developer. WeChat-Face-Recognition has a code-injecting loophole, which stems from an error in the chostr of the parameter in document wx.php, which could lead to a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

LitexMedia

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/MikeCen/WeChat-Face-Recognition/blob/master/wx.php#L25 https://vuldb.com/?ctiid.325813 https://vuldb.com/?id.325813 https://vuldb.com/?submit.651882