CNNVD-202601-1372 Information

CNNVD ID

CNNVD-202601-1372

Related CVE

CVE-2019-25280

• CNNVD Published: 2026-01-08

Description (Chinese)

Yahei-PHP Prober是中国Zhou个人开发者的一个PHP环境检测脚本。 Yahei-PHP Prober 0.4.7版本存在跨站脚本漏洞，该漏洞源于对prober.php文件中speed参数未验证输入，可能导致HTML注入攻击。

Description (English)

Yahei-PHP Prober is a PHP environmental test script for Zhou personal developers in China. The Yahei-PHP Prober version 0.4.7 has a cross-site script loophole, which stems from the failure to verify input of the root.php file.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-01-08

Last Modified

2026-02-24

References

https://cxsecurity.com/issue/WLB-2019070132 https://exchange.xforce.ibmcloud.com/vulnerabilities/164412 https://packetstormsecurity.com/files/153756 http://www.yahei.net/ https://web.archive.org/web/20190623143100/ https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5531.php