Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Technology ezWaiter 3.0 Online and possibly Enterprise Software (aka enterprise edition) allow remote attackers to inject arbitrary web script or HTML via the (1) itemfor (aka "Who is this item for?") and (2) special (aka "Special Instructions") parameters to item.php, which is accessed from showorder.php, or (3) unspecified parameters to the login form at login.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Chamberland Technology ezWaiter 多个跨站脚本攻击 (XSS) 漏洞
Vulnerability Description
Chamberland Technology ezWaiter 3.0 Online以及可能的Enterprise Software (又称企业版) 存在多个跨站脚本攻击 (XSS) 漏洞。远程攻击者可以借助从访问的,对item.php的 (1) itemfor (又称"Who is this item for?") 和 (2) special (又称 "Special Instructions") 参数,或 (3) 对login.php的登录表单的未明参数,注入任意web脚本或HTML 。
CVSS Information
N/A
Vulnerability Type
N/A