CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-45236

A stored cross-site scripting (XSS) vulnerability in the Edit Profile feature of DBSyncer v2.0.6 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Nickname parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.9%

CVSS Severity

CVSS v3 Score 5.4

References

http://dbsyncer.com
https://gist.github.com/chao112122/504e224e63c9a966ba233df1d523ce4f
https://github.com/86dbs/dbsyncer

Products affected by CVE-2025-45236

Dbsyncer Project » Dbsyncer » Version: 2.0.6

cpe:2.3:a:dbsyncer_project:dbsyncer:2.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-45236

Products

Pricing

Contact Us