Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as demonstrated by the Itemid parameter to index.php; (2) the query string to the com_content component, as demonstrated by the filter_order parameter to index.php; (3) the query string to the com_newsfeeds component, as demonstrated by an arbitrary parameter to index.php; or (4) the option parameter in a reset.request action to index.php; and, when Internet Explorer or Konqueror is used, (5) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Joomla!多个跨站脚本攻击漏洞
Vulnerability Description
Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla! 1.6.4之前版本中存在多个跨站脚本攻击漏洞。远程攻击者可借助com_contact组件,com_content组件和com_newsfeedst组件中的查询字符串,在使用Internet Explorer或Konqueror时,对index.php的reset.request操作中的option参数,以及对index.php的搜索操作中的searchwo
CVSS Information
N/A
Vulnerability Type
N/A