CVE-2022-37254

Vulnerability summary: CVE-2022-37254 affects DolphinPHP 1.5.1 with a Cross Site Scripting (XSS) flaw reachable via the backend: Background → System → system function → Configuration Management. The issue is documented across multiple sources (NVD, CVE lists) with a CVSSv3.1 base score of 5.4 (Me...

CVE-2022-37254

DolphinPHP 1.5.1 is vulnerable to Cross Site Scripting XSS via Background - System - system function - configuration management...

DolphinPHP跨站脚本漏洞

DolphinPHP is an open source Php rapid development framework based on ThinkPhp 5.1.34 Lts. A security vulnerability exists in DolphinPHP version 1.5.1, which originates from cross-site scripting XSS via Backend-System-System Functions-Configuration Management...

PT-2022-23897 · Unknown · Dolphinphp

Name of the Vulnerable Software and Affected Versions: DolphinPHP version 1.5.1 Description: The issue concerns Cross Site Scripting XSS via the Background - System - system function - configuration management. This allows for potential malicious script injection. Recommendations: For DolphinPHP...

Dolphin PHP Cross-Site Scripting Vulnerability

DolphinPhp is a set of Php rapid development framework based on ThinkPhp 5.1.34 Lts. A cross-site scripting vulnerability exists in DolphinPHP 1.5.0 and prior versions, which stems from the program's lack of data validation filtering of user-supplied and output data. An attacker could exploit the...

CVE-2022-1086

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2022-1086

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

Cross site scripting

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2022-1086 DolphinPHP User Management Page cross site scripting

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2022-1086

DolphinPHP up to 1.5.0 is affected by a cross-site scripting vulnerability in the User Management Page. The issue stems from insufficient input/output data validation, allowing remote attacker exploitation and client-side JavaScript execution. Exploit information has been disclosed publicly. No r...

DolphinPHP 跨站脚本漏洞

DolphinPhp is a set of Php rapid development framework based on ThinkPhp 5.1.34 Lts. A cross-site scripting vulnerability exists in DolphinPHP 1.5.0 and prior versions, which stems from the program's lack of data validation filtering of user-supplied and output data. An attacker could exploit the...

CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

Remote code execution

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

CVE-2021-46097

DolphinPHP v1.5.0 is affected by a remote code execution vulnerability in /application/common.php#action_log. The root cause is input handling in the common.php component (manipulation of the argument id) that permits arbitrary commands to be executed, with remote, unauthenticated access potentia...

CVE-2021-46097

Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.phpactionlog...

Dolphinphp 代码问题漏洞

DolphinPhp is an open source Php rapid development framework based on ThinkPhp 5.1.34 Lts. A security vulnerability exists in Dolphinphp v1.5.0, which stems from a lack of command data filtering and escaping in common.php, allowing an attacker to perform remote code execution...

Dolphin PHP has a command execution vulnerability

DolphinPHP is an open source PHP rapid development framework based on ThinkPHP5.. DolphinPHP has a command execution vulnerability, which can be exploited to gain access to the server...