Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SiteBar 多个跨站脚本攻击漏洞
Vulnerability Description
SiteBar 3.3.8版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)对 integrator.php的lang参数; (2)一个New Password操作中的token参数, (3) Folder Properties操作的nid_acl参数, 或(4)对command.php的Modify User操作的uid参数; 或(5)对index.php的目标参数,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A