Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-0217
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Xoops个人消息系统跨站脚本执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Xoops是一个用面向对象的PHP写的开源、免费的web程序,它用MySQL作为后台数据库,可以运行于大多数的Unix和Linux系统。 Xoops的用户个人消息系统存在跨站脚本执行漏洞,攻击者可能利用此漏洞窃取用户的cookie等信息。。 个人消息系统的标题栏没有很好的过滤脚本代码,当用户收到攻击者发来的个人消息,里面包含的恶意脚本代码将被执行,出现跨站脚本执行问题。这个漏洞可以让攻击者窃取用户基于cookie的认证信息等等。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2002-0217
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2002-0217
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2002-0217

No comments yet

Leave a comment