CNNVD-202602-1206 Information

Feb 08, 2026 cve

CNNVD ID

CNNVD-202602-1206

CVE-2026-2159

  • CNNVD Published: 2026-02-08

Description (Chinese)

Simple Responsive Tourism Website是简单响应式旅游网站。 Simple Responsive Tourism Website 1.0版本存在代码注入漏洞,该漏洞源于对文件/tourism/classes/Master.php?f=register中参数firstname/lastname/username的错误操作,可能导致跨站脚本攻击。

Description (English)

Simple Responsive Tourism Website is a simple and responsive tourism website. Version 1.0 of Simple Responsive Tourism Website contains a code-injection loophole, which results from a mishandling of the parameter Firstname/lastname/username in the file/tourism/classes/Master.php?f=register, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

SourceCodester

Published

2026-02-08

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.344861 https://github.com/CH0ico/CVE_choco_5/blob/main/report.md https://vuldb.com/?id.344861 https://www.sourcecodester.com/ https://vuldb.com/?submit.750995 https://access.redhat.com/security/cve/cve-2026-2159

Share on: