CVE-2019-25731 in Musicالمعلومات

الملخص

بحسب MITRE • 04/06/2026

Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inject script code through the name, subject, and message parameters in POST requests to /gmusic/zuzconsole/___contact, which executes when administrators view messages in the inbox interface.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

04/06/2026

إفشاء

04/06/2026

الاعتدال

تمت الموافقة

إدخال

VDB-368320

CPE

جاهز

CWE

CWE-79 (مؤكد)

استغلال

تحميل

CVSS

7.2 (CNA)

EPSS

0.00000

KEV

لا

النشاطات

منخفض

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-25731
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-25731
CVE Details	https://www.cvedetails.com/cve/CVE-2019-25731/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!