漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) from, and (3) q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
漏洞信息
N/A
漏洞
N/A
漏洞
X-dev xNews 'class.news.php' 多个SQL注入漏洞
漏洞信息
X-dev xNews 1.3版本及其早期版本的classes/class.news.php中的generate_csv函数中存在多个SQL注入漏洞。远程攻击者可以借助(1)id,(2)from,和(3)q参数,执行任意SQL指令。
漏洞信息
N/A
漏洞
N/A