漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Stored Cross-site Scripting (XSS) in phpipam/phpipam
Vulnerability Description
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability occurs in the 'Device Management' section under 'Administration' where an attacker can inject malicious scripts into the 'Name' and 'Description' fields when adding a new device type. This can lead to data theft, account compromise, distribution of malware, website defacement, and phishing attacks. The issue is fixed in version 1.7.0.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
phpIPAM 跨站脚本漏洞
Vulnerability Description
phpIPAM是phpIPAM开源的一套开源的基于PHP和MySQL的IP地址管理应用程序(IPAM)。 phpIPAM 1.5.2版本存在跨站脚本漏洞,该漏洞源于Device Management部分存在存储型跨站脚本漏洞,攻击者可在添加新设备类型时注入恶意脚本,可能导致数据窃取、账户泄露和恶意软件分发。
CVSS Information
N/A
Vulnerability Type
N/A