WordPress plugin 畅言评论系统 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

The vulnerability of the comments system on the Anycomment.io website lies in the lack of protection for the web page structure, allowing attackers to execute arbitrary JavaScript code.

The vulnerability of the comments system for the Anycomment.io website is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...

MonAlbum 0.8.7 SQL Injection

advisory by undefined1 @ bash-x.net/undef/ Mon Album 0.8.7 http://www.3dsrc.com/monalbum/ There are 2 sql injection flaws in MonAlbum 0.8.7. First in index.php line 99 if isset$GET"pc" $pc = $GET"pc"; ... no sanity checks if isset$pc && $grechinactive $result = executerequete"select idrub, nom,...