detronetdip E-commerce function.php get_safe_value cross site scripting_CVE-2025-15583

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2025-15583

Source VulDB

Published Feb 20, 2026 at 16:32

Affected Product

Vendor detronetdip

Product E-commerce

Version 1.0.0

Affected Versions detronetdip E-commerce 1.0.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-02-20T16:32:10.015Z",
    "modified": "2026-02-20T16:32:10.015Z",
    "type": "cve",
    "title": "detronetdip E-commerce function.php get_safe_value cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.346487\nhttps://vuldb.com/?ctiid.346487\nhttps://vuldb.com/?submit.754033\nhttps://github.com/detronetdip/E-commerce/issues/23\nhttps://github.com/Nixon-H/PHP-Stored-XSS-Bypass-Real-Escape\nhttps://github.com/detronetdip/E-commerce/",
    "id": "CVE-2025-15583",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "detronetdip E-commerce 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "E-commerce",
    "version": "1.0.0",
    "vendor": "detronetdip",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}