Home Embedded Vulns General Vulns

CVE-2019-25280

MEDIUM 6.1

Our Analysis: General-Purpose

Our model has classified this vulnerability as relevant to General-Purpose Systems, helping your team prioritize efforts effectively.

Published Date January 8, 2026
Last Modified January 8, 2026
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Yahei-PHP Prober 0.4.7 contains a remote HTML injection vulnerability that allows attackers to execute arbitrary HTML code through the 'speed' GET parameter. Attackers can inject malicious HTML code in the 'speed' parameter of prober.php to trigger cross-site scripting in user browser sessions.