Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ViArt Shop 多个跨站脚本攻击漏洞
Vulnerability Description
ViArt Shop Free 2.5.5和可能的其他版本包含轻量版、标准版和企业版存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可通过(1)在forum.php内的forum_id参数(在block_forum_topics.php内不能正确处理),和(2)在reviews.php内的item_id参数(在block_reviews.php内不能正确处理),来注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A