N/A

Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) about, (2) again, (3) lastname, (4) email, (5) password, (6) album, (7) id, (8) table, (9) desc, (10) doc, (11) mname, (12) max, (13) htpl, (14) pheader, and possibly other parameters.

N/A

N/A

EzPortal 'index.php'跨站脚本攻击(XSS)漏洞

ezPortal/ztml CMS 1.0中的index.php脚本存在跨站脚本攻击(XSS)漏洞，远程攻击者可借助(1) about，(2) again，(3) lastname，(4) email，(5) password，(6) album，(7) id，(8) table，(9) desc，(10) doc，(11) mname，(12) max，(13) htpl，(14) pheader，可能还包括其它参数，来注入任意Web脚本或HTML。

N/A

N/A