Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fields in a do=write (aka Send Mail Message) action in gamemail.php; the (3) Gender, (4) Country/Location, (5) MSN Messenger, (6) AOL Instant Messenger, (7) Yahoo Instant Messenger, and (8) ICQ fields in a do=onlinechar (aka Edit your Profile) action in index.php, as accessed by dk.php; a javascript URI in the SRC attribute of an IMG element in the (9) Title and (10) Message fields in a do=new (aka Create Thread) action in general.php; and a javascript URI in the SRC attribute of an IMG element in unspecified fields in (11) other Forum posts and (12) Forum replies.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dragons Kingdom脚本多个跨站脚本攻击(XSS) 漏洞
Vulnerability Description
DKScript.com Dragon's Kingdom Script 1.0存在多个跨站脚本攻击(XSS) 漏洞。 远程攻击者可以借助gamemail.php中的do=write (又称Send Mail Message)操作中的 (1) Subject 和(2) Message字段;由dk.php访问的index.php中的do=onlinechar (又称 Edit your Profile) 中的 (3) Gender, (4) Country/Location, (5) MSN Messeng
CVSS Information
N/A
Vulnerability Type
N/A