Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to XSS.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
通过测试代码导致的信息暴露
Vulnerability Title
HTTP_Request2 安全漏洞
Vulnerability Description
HTTP_Request2是PEAR开源的一个提供了一种执行HTTP请求的简单方法(并且不需要curl扩展)。 HTTP_Request2 2.7.0之前版本存在安全漏洞,该漏洞源于测试目录中多个文件反射GET或POST参数,可能导致跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A