Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are displayed in an error message. NOTE: issues 2, 3, and 4 may be due to a problem in associated products rather than myBloggie itself.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyBloggie多个输入验证漏洞
Vulnerability Description
myBloggie 2.1.1存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可通过(1)在viewmode.php的year参数,或在index.php中的(2)cat_id,(3)month_no或(4)post_id参数(这些参数在系统显示错误信息之前未经正确审查),注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A