Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection mechanism is defeated by crafted input that lacks a '<' or '>' character.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dayrui FineCms 跨站脚本漏洞
Vulnerability Description
Dayrui FineCms是中国天睿(Dayrui)程序设计团队发布的一套使用MVC架构和PDO数据库接口开发的内容管理系统(CMS)。 Dayrui FineCms 5.3.0版本中的controllers/admin/Linkage.php文件存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A