Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modsettings module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Phorum admin.php文件输入验证漏洞
Vulnerability Description
Phorum是一款基于PHP的WEB论坛程序,可在Linux和Unix操作系统下使用,也可在Microsoft Windows操作系统下使用。 Phorum的admin.php文件中module变量可能导致泄露路径。 在编辑banlist时使用了GET方式,漏洞代码位于include/admin/banlist.php的47行: -------------------------------------------------- if(isset($_GET["curr"])){ if(isset($_G
CVSS Information
N/A
Vulnerability Type
N/A