Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) postdays parameter to viewtopic.php or (2) topicdays parameter to viewforum.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpBB viewtopic.php postdays参数跨站脚本漏洞
Vulnerability Description
phpBB2是一款由PHP编写的WEB论坛应用程序,支持多种数据库系统,可使用在多种Unix和Linux操作系统下。 phpBB2包含的"viewtopic.php"脚本在处理"postdays"变量时缺少充分过滤,远程攻击者可以利用这个漏洞进行跨站脚本执行攻击,可能获得用户敏感数据信息。 脚本"viewtopic.php"在返回"postdays" HTML变量值给客户端时没有进行任何编码或删除过滤恶意代码,当目标用户连接嵌入恶意"postdays"变量数据链接时,可导致脚本代码在用户浏览器上执行,可能
CVSS Information
N/A
Vulnerability Type
N/A