Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bcoos DevTracker模块多个跨站脚本攻击漏洞
Vulnerability Description
bcoos是一套开源的使用PHP和MYSQL开发的的社区内容管理系统。 bcoos 1.1.11以及之前的版本的DevTracker模块3.0和E-XooPS 1.0.8以及之前的版本的DevTracker模块0.20中的index.php存在多个跨站脚本攻击漏洞。远程攻击者可以借助direction参数和order_by参数,注入任意的web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A