CVE-2025-14006
BaseFortify
Publication date: 2025-12-04
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xunruicms | xunruicms | to 4.7.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the affected endpoint `/admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1` for improper handling of the `data[name]` parameter that leads to cross-site scripting (XSS). You can use web vulnerability scanners or manual testing tools like curl or browser developer tools to inject typical XSS payloads (e.g., `<script>alert(1)</script>`) into the `data[name]` parameter and observe if the script executes. Example command using curl: `curl -X POST 'http://target/admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1' -d 'data[name]=<script>alert(1)</script>'` and check the response for script execution or reflected payload. Additionally, monitoring web application logs for suspicious input patterns or unexpected script tags in user input fields can help detect exploitation attempts. [1, 2]
Can you explain this vulnerability to me?
This vulnerability is a cross-site scripting (XSS) issue in dayrui XunRuiCMS up to version 4.7.1. It occurs in the Add Data Validation Page component, specifically in the file /admind45f74adbd95.php with certain parameters. The vulnerability arises from improper handling of the argument data[name], allowing an attacker to inject malicious scripts. This attack can be performed remotely and the exploit has been publicly disclosed.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to execute malicious scripts in the context of the affected web application, potentially leading to unauthorized actions such as session hijacking, defacement, or redirection to malicious sites. Since it is a cross-site scripting vulnerability exploitable remotely, it can compromise user interactions and data integrity without requiring physical access.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting access to the vulnerable Add Data Validation page or the affected endpoint `/admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1` to prevent exploitation. Since no patches or vendor mitigations are available, consider applying web application firewall (WAF) rules to block malicious input patterns targeting the `data[name]` parameter. Limiting user privileges to reduce the impact of potential exploitation and monitoring for suspicious activity is also recommended. Ultimately, consider replacing or upgrading the affected component or product to a secure version once available. [2]