CNNVD-202510-297 Information

CNNVD ID

CNNVD-202510-297

Related CVE

CVE-2025-60782

• CNNVD Published: 2025-10-02

Description (Chinese)

PHP Education Management是Iqbolshoh Ilhomjonov个人开发者的一个教育管理器。 PHP Education Management 1.0版本存在跨站脚本漏洞，该漏洞源于topics.php中标题字段未验证输入，可能导致存储型跨站脚本攻击。

Description (English)

PHP Education Management is an educational manager for Iqbolshoh Ilhomjonov personal developers. Version 1.0 of PHP Education Management has a cross-site script loophole, which originates from the unverified entry of title fields in topics.php and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2025-10-02

Last Modified

2026-02-24

References

https://gold-textbook-8ff.notion.site/php-education-management-Background-storage-xss-25985e97f35380db9d38e7d0fbb408d6?pvs=73

Patch

https://www.phpmyfaq.de/download