Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
sproctor php-calendar index.php cross site scripting
Vulnerability Description
A vulnerability was identified in sproctor php-calendar up to 2.0.13. This impacts an unknown function of the file index.php. Such manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. The attack may be launched remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is advisable to implement a patch to correct this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
PHP-Calendar 跨站脚本漏洞
Vulnerability Description
PHP-Calendar是Sean Proctor个人开发者的一个日历应用程序。 PHP-Calendar 存在安全漏洞,该漏洞源于组件 index.php 的未知部分,操纵参数 $_SERVER[ PHP_SELF ] 会导致跨站脚本。
CVSS Information
N/A
Vulnerability Type
N/A