CNNVD-202509-645 Information
Sep 04, 2025
cve
CNNVD ID
CNNVD-202509-645
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
CodeAstro Real Estate Management System是CodeAstro公司的一个房地产管理系统。 CodeAstro Real Estate Management System 1.0版本存在代码注入漏洞,该漏洞源于文件/feature.php中参数msg操作不当,可能导致跨站脚本攻击。
Description (English)
CodeAstro Real Estate Management System is a real estate management system for CodeAstro. Version 1.0 of CodeAstro Real Estate System has a code-injection loophole, which stems from the improper operation of the msg parameter in document/feature.php, which may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
CodeAstro
Published
2025-09-04
Last Modified
2026-02-24
References
https://codeastro.com/ https://github.com/YZS17/CVE/blob/main/CodeAstro_Real_Estate_Management_System/feature.php_XSS.md https://vuldb.com/?ctiid.322342 https://vuldb.com/?id.322342 https://vuldb.com/?submit.643541
Share on: