Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHPBB2图象标记可插入HTML代码漏洞
Vulnerability Description
PHPBB2是一款由PHP编写的Web论坛程序,可使用在Unix和Linux操作系统下,也可使用在Microsoft Windows操作系统下。 PHPBB2在处理图象标记中的数据缺少正确充分的检查,可导致远程攻击者进行HTML代码插入攻击。 PHPBB2可以使用[img][/img]代替HTML代码支持图象操作,但是PHPBB2对用户提交给[img][/img]标记的数据缺少正确检查和过滤,由于BBCode在转译'"'符号时表示HTML标记的结束,攻击者可以在图象标记中插入'"'号并在'"'号后插入任意
CVSS Information
N/A
Vulnerability Type
N/A