CNNVD-202509-656 Information
CNNVD ID
CNNVD-202509-656
Related CVE
- CNNVD Published: 2025-09-04
Description (Chinese)
Code-Projects Responsive Blog Site是Code-Projects开源的一个响应式博客网站。 Code-Projects Responsive Blog Site 1.0版本存在代码注入漏洞,该漏洞源于文件blogs_view.php中参数product_code/gen_name/product_name/supplier操作不当,可能导致跨站脚本攻击。
Description (English)
Code-Projects Responsive Blog Site is a responsive blog site that is open to Code-Projects. Version 1.0 of Code-Projects Responsive Blog Site contains a code-injection loophole that results from inappropriate operation of the parameter code code/gen name/product name/suppleer in the file logs view.php, which may result in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
Code-Projects
Published
2025-09-04
Last Modified
2026-02-24
References
https://code-projects.org/ https://github.com/chen2496088236/CVE/issues/5 https://vuldb.com/?ctiid.322331 https://vuldb.com/?id.322331 https://vuldb.com/?submit.642586
Share on: