The vulnerability of the Fortinet FortiNAC access control device lies in its lack of measures to protect the website structure, allowing attackers to execute cross-site scripting attacks.

The vulnerability of the Fortinet FortiNAC network access control device is related to the lack of protection for the website structure when processing the User ID parameter for the administrator. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/uesrs.php & action=type & userrole=Admin & userid= where the userid parameter lacks...

CVE-2017-16821

b3log Symphony aka Sym 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP address in /admin/user/userid...