Home > Vulnerability Database > CVE-2025-10945

Mend.io Vulnerability Database

CVE-2025-10945

Date: September 25, 2025

A security vulnerability has been detected in nuz007 smsboom up to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674. Impacted is an unknown function of the file d.php. Such manipulation of the argument hm leads to cross site scripting. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

Severity Score

6.5

Related Resources (6)

Url: https://github.com/nuz007/smsboom/blob/main/d.php#L25

Url: https://vuldb.com/?ctiid.325815

Url: https://vuldb.com/?submit.651886

Url: https://vuldb.com/?id.325815

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-10945

Url: https://www.mend.io/vulnerability-database/CVE-2025-10945

Severity Score

6.5

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Improper Control of Generation of Code ('Code Injection')

CWE-94

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-10945

Date: September 25, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?