Browse all 5 CVE security advisories affecting xnx3. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xnx3 is a web application framework primarily used for developing content management systems and enterprise web solutions. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. The framework's security posture has been compromised through insufficient input validation and improper access controls in previous versions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in its core components suggests a need for rigorous security hardening and regular updates when deploying xnx3-based applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15452 | xnx3 wangmarket Backend Variable Search variableList.do variableList cross site scripting — wangmarketCWE-79 | 2.4 | Low | 2026-01-05 |
| CVE-2025-15451 | xnx3 wangmarket System Variables variableSave.do cross site scripting — wangmarketCWE-79 | 2.4 | Low | 2026-01-05 |
| CVE-2025-15416 | xnx3 wangmarket Add Global Variable save.do cross site scripting — wangmarketCWE-79 | 2.4 | Low | 2026-01-01 |
| CVE-2025-15415 | xnx3 wangmarket XML File uploadImage.do uploadImage unrestricted upload — wangmarketCWE-434 | 4.7 | Medium | 2026-01-01 |
| CVE-2023-6886 | xnx3 wangmarket Role Management Page code injection — wangmarketCWE-94 | 4.7 | Medium | 2023-12-17 |
This page lists every published CVE security advisory associated with xnx3. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.