CNNVD-202602-252 Information

CNNVD ID

CNNVD-202602-252

Related CVE

CVE-2020-37072

• CNNVD Published: 2026-02-03

Description (Chinese)

Victor CMS是尼日利亚Victor Alagwu个人开发者的一套开源的内容管理系统。 Victor CMS 1.0版本存在跨站脚本漏洞，该漏洞源于comment_author POST参数存在存储型跨站脚本漏洞，可能导致执行任意代码。

Description (English)

Victor CMS is an open-source content management system for Victor Aragwu personal developers in Nigeria. Victor CMS Version 1.0 has a cross-site script loophole, which stems from the memory author POST parameter with a storage-type cross-site script loophole that may lead to the implementation of any code.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/VictorAlagwu/CMSsite https://www.exploit-db.com/exploits/48484 https://www.vulncheck.com/advisories/victor-cms-commentauthor-persistent-cross-site-scripting