Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHPNuke多个跨站脚本漏洞
Vulnerability Description
PHP-Nuke 5.3.1版本及之前版本存在跨站脚本(XSS)漏洞。远程攻击者可以借助(1)user.php的uname参数,(2)modules.php的ttitle、letter和file参数,(3)submit.php的subject、story和storyext参数,(4)admin.php的upload参数以及(5)friend.php的fname参数注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A