Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the (4) topads and (5) myplugin parameters to newtem/header/bsd01header.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BMForum 多个跨站脚本攻击漏洞
Vulnerability Description
BMForum是一款应用于个人、商业领域的基于MySQL数据库开放源码的PHP论坛程序 BMForum 5.6版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)对index.php的outpused参数,(2)footer_copyright和(3)对newtem/footer/bsd01footer.php的verandproname参数,以及(4)topads以及(5)对newtem/header/bsd01header.php的myplugin参数,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A