CNNVD-202512-576 Information
Dec 04, 2025
cve
CNNVD ID
CNNVD-202512-576
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
xunruicms是XunRuiCMS个人开发者的一个建站框架。 xunruicms 4.7.1及之前版本存在代码注入漏洞,该漏洞源于对文件/admind45f74adbd95.php中参数data[name]的错误操作,可能导致跨站脚本。
Description (English)
xunruicms is a framework for the construction of XunruiCMS by individual developers. xunruicms 4.7.1 and previous versions have a code-injecting loophole, which results from an error in the parameter data [name] in file/admind45f74adbd95.php, which may result in a cross-site script.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
个人开发者
Published
2025-12-04
Last Modified
2026-02-24
References
https://github.com/24-2021/vul/blob/main/xunruicms-Data%20Validation-XSS/xunruicms-Data%20Validation-XSS.md https://vuldb.com/?ctiid.334248 https://vuldb.com/?id.334248 https://vuldb.com/?submit.692910
Share on: