Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL injection vulnerability in SiAdmin
Vulnerability Description
Vulnerability in SiAdmin 1.1 that allows XSS via the /show.php query parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and thereby steal their cookie session credentials.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
SiAdmin 安全漏洞
Vulnerability Description
SiAdmin是一个应用。 SiAdmin 1.1版本存在安全漏洞,该漏洞源于存在跨站脚本漏洞,允许远程攻击者向经过身份验证的用户发送特制的URL从而窃取cookie会话凭据。
CVSS Information
N/A
Vulnerability Type
N/A