Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ddd
Vulnerability Description
A Stored Cross Site Scripting vulnerability has been found in UltimatePOS by UltimateFosters. This vulnerability is due to the lack of proper validation of user inputs via ‘/products/<PRODUCT_ID>/edit’, affecting to ‘name’ parameter via POST. The vulnerability could allow a remote attacker to send a specially crafted query to an authenticated user and steal his/her session cookies details.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Q2A Ultimate SEO 跨站脚本漏洞
Vulnerability Description
Q2A Ultimate SEO是Q2A Projects团队的一款为Question2Answer提供搜索引擎优化功能的组件。 Q2A Ultimate SEO存在跨站脚本漏洞,该漏洞源于对/products/<PRODUCT_ID>/edit中name参数输入验证不足,可能导致存储型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A