Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this error might be resultant from a more serious issue such as directory traversal.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mini Web Shop 'Viewcategory.PHP'跨站脚本攻击漏洞
Vulnerability Description
Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c中的modules/viewcategory.php存在跨站脚本攻击漏洞。远程攻击者可以通过带有一个任意catname参数但没有itemsdb参数的请求,导致系统在出错消息内泄露路径,来获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A