Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter to the default URI; (2) the foto parameter to photo.php in the 05_Foto module; or (3) the name parameter in an insertrecord action to index.php in the 08_Files module, as demonstrated by injection within a SRC attribute of an IFRAME element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Flatnux 'photo.php' Multiple 跨站脚本攻击漏洞
Vulnerability Description
FlatnuX CMS (又称Flatnuke3) 2008-12-11中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)对默认URI的mod参数; (2)对05_Foto模块中的photo.php的foto参数 ;或(3)对08_Files module的index.php地一个插入操作中的命名参数,注入任意web脚本或HTML,例如对一个IFRAME元件中的SRC属性的注入。
CVSS Information
N/A
Vulnerability Type
N/A