2 matches found
CVE-2018-10250
iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixincategory action, aka a WeChat Classified Management keyword search...
CVE-2018-10250
iCMS v7.0.8 contains a Cross-Site Scripting (XSS) vulnerability in the weixin_category action, exploited via the admincp.php keywords parameter. The issue arises from insufficient sanitization of the keywords input, enabling injection of arbitrary script/HTML when interacting with the WeChat Clas...