Lucene search
China National Vulnerability DatabaseCNVD-2023-64110HistoryAug 17, 2023 - 12:00 a.m.
phpRecDB Cross-Site Scripting Vulnerability
2023-08-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
phprecdb
cross-site scripting
vulnerability
web script
html
injection
record collection
EPSS
0.001
Percentile
22.4%
phpRecDB is a free php script from phpRecDB Inc. It is used to create a real-time record collection website. A cross-site scripting vulnerability exists in phpRecDB version 1.3.1, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter r/view of the file /index.php, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
Related
cvelist
cvelist
CVE-2023-4371 phpRecDB index.php cross site scripting
2023-08-15 15:00:06
prion
prion
Cross site scripting
2023-08-15 15:15:00
nvd
nvd
CVE-2023-4371
2023-08-15 15:15:09
cve
cve
CVE-2023-4371
2023-08-15 15:15:09