CVE-2025-1209 | code-projects Wazifa System 1.0 /search_resualts.php searchuser firstname/lastname cross site scripting

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is the function searchuser of the file /search_resualts.php. The manipulation of the argument firstname/lastname leads to cross site scripting.

This vulnerability is traded as CVE-2025-1209. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

There is a typo in the affected file name.

CVE-2025-1209 | code-projects Wazifa System 1.0 /search_resualts.php searchuser firstname/lastname cross site scripting

Post correlati

CVE-2023-52266 | ehttp up to 1.0.5 epoll_socket.cpp read_func use after free (Issue 38)

CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)

CVE-2024-30665 | ScriROS Melodic Morenia os command injection

CVE-2024-30415 | Huawei HarmonyOS/EMUI Window Management Module permission