CNNVD-202512-2196 Information

CNNVD ID

CNNVD-202512-2196

Related CVE

CVE-2025-14519

• CNNVD Published: 2025-12-11

Description (Chinese)

hfly是baowzh个人开发者的一个旅游网站。 hfly存在安全漏洞，该漏洞源于组件advtext Module的文件/admin/index.php/advtext/add中存在缺陷，可能导致跨站脚本攻击。

Description (English)

hfly is a tourist site for the Baowzh personal developer. hfly has a security loophole, which stems from defects in the document/admin/index.php/advtext/addd of the component advtext Modeule, which may lead to a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-11

Last Modified

2026-02-24

References

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/PHP-based%20travel%20website-CMS/PHP-based%20travel%20website-CMS%20advtext%20add%20Stored%20Cross-Site%20Scripting(XSS).md https://vuldb.com/?ctiid.335857 https://vuldb.com/?id.335857 https://vuldb.com/?submit.702943