Low severity3.5NVD Advisory· Published Aug 20, 2025· Updated Apr 29, 2026
CVE-2025-9237
CVE-2025-9237
Description
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Affected products
1- cpe:2.3:a:codeastro:ecommerce_website:1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- gist.github.com/0xSebin/bb6781e5977bda36610fda20861a5bbenvdExploitThird Party Advisory
- gist.github.com/0xSebin/bb6781e5977bda36610fda20861a5bbenvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- codeastro.comnvdProduct
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.