Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board 2.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) result_type, (2) search_in, (3) nav, (4) forums, and (5) s parameters in the Search action to index.php; (6) st parameter to index.php with showtopics set to 1; (7) m, (8) y, and (9) d parameters in a calendar action; (10) t parameter in a Print action; (11) MID parameter in a Mail action; (12) HID parameter in a Help action; (13) active parameter in a search action; (14) sort_order, (15) max_results, or (16) sort_key parameter in a Members action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Power Board多个跨站脚本攻击漏洞
Vulnerability Description
在Invision Power Board 2.0.4中存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可通过以下途径注入任意Web脚本或HTML:用于index.php中Search操作的(1) result_type,(2) search_in,(3) nav,(4) forums,和(5) s 参数;用于index.php中将showtopics设为1的(6) st参数;在一个calendar操作中的(7) m,(8) y,和(9) d参数;在一个Print操作中的(10) t参数;在一个Mail操作
CVSS Information
N/A
Vulnerability Type
N/A