Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to user_addfood.php, info parameter to (2) user_forgot_pwd_form.php and (3) user_login.php, and (4) return parameter to user_login.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phplemon myweight user_addfood.php 日期参数跨站脚本攻击漏洞
Vulnerability Description
MyWeight 1.0版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助提交到user_addfood.php的日期参数,到(2)user_forgot_pwd_form.php和(3)user_login.php的info参数,到user_login.php的返回参数,注入任意的web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A