Stored Cross-site Scripting and SQL Injection Vulnerabilities in YXcms Backend Membership Management System
YXCMS is an efficient website management system built on PHP+MYSQL. A stored cross-site scripting and SQL injection vulnerability exists in the YXcms backend member management system. An attacker can exploit the vulnerabilities to obtain information such as database information and user cookies,...