Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (5) query_string parameter when performing a search.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jetbox 多个跨站脚本攻击(XSS)漏洞
Vulnerability Description
Jetbox CMS 2.1 SR1存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可借助:(1) admin/cms/index.php脚本中的login参数,(2) formmail.php脚本"提供信息页面"中的不明参数,(3) "站点统计"页面中的URL,和(5) 执行搜索功能时的query_string参数,来注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A