CVE-2025-12202 (CNNVD-202510-3758)
中文标题:
User-Management-PHP-MYSQL 安全漏洞
英文标题:
ajayrandhawa User-Management-PHP-MYSQL web cross-site request forgery
漏洞描述
中文描述:
User-Management-PHP-MYSQL是Ajay Randhawa个人开发者的一个安全的用户管理系统。 User-Management-PHP-MYSQL存在安全漏洞,该漏洞源于未知代码操作不当,可能导致跨站请求伪造攻击。
英文描述:
A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| ajayrandhawa | User-Management-PHP-MYSQL web | fedcf58797bf2791591606f7b61fdad99ad8bff1 | - | - |
cpe:2.3:a:ajayrandhawa:user-management-php-mysql_web:fedcf58797bf2791591606f7b61fdad99ad8bff1:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
CVSS评分详情
4.0 (cna)
MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
3.1 (cna)
MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3.0 (cna)
MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2.0 (cna)
MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2025-12202 |
2025-11-11 15:23:03 | 2025-11-11 07:40:06 |
| NVD | nvd_CVE-2025-12202 |
2025-11-11 15:01:07 | 2025-11-11 07:47:57 |
| CNNVD | cnnvd_CNNVD-202510-3758 |
2025-11-11 15:12:30 | 2025-11-11 08:00:19 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202510-3758
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- data_sources: ['cve'] -> ['cve', 'nvd']