Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via (1) the print parameter to the print module, the sitename parameter to (2) bb_smilies or (3) bbcode_ref module, or (4) the hlpfile parameter to openwindow.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MAXdev MD-Pro多个跨站点脚本漏洞
Vulnerability Description
MAXdev MD-Pro是一个CMS系统,可以显示和管理一个网站内容的应用程序。MD-Pro让网站的管理简单而强大。 MAXdev MD-Pro 1.0.73以及可能之前较早的版本中包含多个跨站点脚本(XSS)漏洞,远程攻击者可以通过(1)打印模块的打印参数、(2)bb_smilies或(3)bbcode_ref module的站点名称参数、或者(4)openwindow.php的hlpfile参数来注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A