1 results (0.001 seconds)
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9237 – CodeAstro Ecommerce Website Edit Your Account my_account.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-9237
20 Aug 2025 — A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. • https://vuldb.com/?id.320770 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •