Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PostNuke跨站脚本执行漏洞
Vulnerability Description
PostNuke是一款基于WEB的内容管理系统,运行在多种Unix和Linux系统平台下,也可运行于Windows平台下,由PHP实现,php-nuke项目组开发和维护。 PostNuke对用户输入过滤上存在漏洞,可使远程攻击者利用index.php 和modules.php脚本进行跨站脚本执行攻击。 PostNuke中的index.php和modules.php脚本对用户提供的内容没有做充分过滤,这可能导致攻击者建立包含恶意代码的链接,当其他用户浏览相关此链接的时候,脚本将在用户的浏览器中执行。攻击者可
CVSS Information
N/A
Vulnerability Type
N/A