Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authnet_id, (12) TPL_authnet_pass, (13) TPL_worldpay_id, (14) TPL_toocheckout_id, or (15) TPL_moneybookers_email in a first action to register.php or the (16) username parameter in a login action to user_login.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WeBid 跨站脚本漏洞
Vulnerability Description
WeBid是一套开源的拍卖网站建站解决方案。 WeBid 1.1.1中存在跨站脚本漏洞。远程攻击者可通过当程序执行first操作时,register.php脚本中的多个参数(包括:TPL_name,TPL_nick,TPL_email,TPL_year,TPL_address,TPL_city,TPL_prov,TPL_zip,TPL_phone,TPL_pp_email,TPL_authnet_id,TPL_authnet_pass,TPL_worldpay_id,TPL_toocheckout_id,
CVSS Information
N/A
Vulnerability Type
N/A