Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WebSight Directory System存在跨站脚本执行漏洞
Vulnerability Description
WebSight Directory System是一款基于WEB的目录系统和站点架构程序,运行在多种Unix和Linux系统平台下,也可运行于Windows平台下,由PHP语言实现。 WebSight Directory System对URL参数过滤上存在漏洞,可导致产生跨站脚本执行漏洞。 当用户提交新链接的时候(得到管理员同意),WebSight Directory System没有充分检查用户输入的内容,攻击者可以构建包含恶意脚本代码并输入,当管理员检查的此新链接的时候就会导致脚本代码被执行,严重的
CVSS Information
N/A
Vulnerability Type
N/A