CVE-2025-10946

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions nuz007 smsboom versions prior to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674

Description A flaw exists in nuz007 smsboom. Manipulation of the hm argument in an unknown function within the dy.php file can lead to cross site scripting. Remote exploitation is possible.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2025-10946

Affected Products

Nuz007 Smsboom

CVE-2025-10946

Weakness Enumeration

Related Identifiers

Affected Products

References · 7