CNNVD-202512-5572 Information

CNNVD ID

CNNVD-202512-5572

Related CVE

CVE-2019-25262

• CNNVD Published: 2025-12-31

Description (Chinese)

Razgover是Eli Nicksic个人开发者的一个在线消息应用程序。 Razgover存在代码注入漏洞，该漏洞源于对文件Chattify/send.php中参数msg的错误操作，可能导致跨站脚本攻击。

Description (English)

Razgover is an online news application for Eli Nicksic personal developers. Razgover had a code-infusion loophole, which stemmed from the wrong operation of the msg parameter in document Chattify/send.php, which could lead to a cross-site scrip attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2025-12-31

Last Modified

2026-02-24

References

https://github.com/elinicksic/Razgover/commit/995dd89d0e3ec5522966724be23a5d58ca1bdac3 https://vuldb.com/?ctiid.338649 https://vuldb.com/?id.338649