CNNVD-202510-2574 Information

CNNVD ID

CNNVD-202510-2574

Related CVE

CVE-2025-60781

• CNNVD Published: 2025-10-20

Description (Chinese)

PHP Education Management是Iqbolshoh Ilhomjonov个人开发者的一个教育管理器。 PHP Education Management 1.0版本存在安全漏洞，该漏洞源于worksheet.php文件中参数participant_name未经验证，可能导致跨站脚本攻击。

Description (English)

PHP Education Management is an educational manager for Iqbolshoh Ilhomjonov personal developers. There is a security loophole in version 1.0 of PHP Education Management, which stems from unverified parametric name in the worksheet.php file, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-20

Last Modified

2026-02-24

References

https://gold-textbook-8ff.notion.site/php-education-management-Stored-XSS-Vulnerability-25985e97f35380018b9af0f4b678002c?pvs=73