Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the catid parameter in admin.php, or (5) an unnamed parameter during the newslogo_upload action in admin.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VirtuaSystems VirtuaNews多重组件跨站脚本攻击(XSS)漏洞
Vulnerability Description
VirtuaNews Admin Panel Pro 1.0.3存在跨站脚本攻击(XSS)漏洞。远程攻击者可以借助以下参数以其他用户身份执行任意脚本(1)admin.php的mainnews参数,(2)admin.php的expand参数,(3)admin.php的id参数,(4)admin.php的catid参数,或者(5)admin.php的newslogo_upload运行期间的一个未命名参数。
CVSS Information
N/A
Vulnerability Type
N/A