Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in ACG-PTP 1.0.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) Category name field under Advertisement Packages, the (2) Reason field under Credit/Debit Users, and the (3) FAQ question and (4) FAQ answer fields under Add New FAQ Entry.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ACG-PTP index.php 跨站脚本攻击漏洞
Vulnerability Description
ACG-PTP是一套php开发的网站系统。 ACG-PTP 1.0.6版本中的admin/index.php存在多个跨站脚本攻击漏洞。远程经认证的管理员用户可以借助Advertisement信息包中的类别名字段、Credit/Debit用户下的Reason字段、添加新的FAQ入口下的FAQ问题和FAQ答案字段,注入任意的web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A