4 matches found
CVE-2026-1151
A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...
CVE-2026-1151 technical-laohu mpay User Center cross site scripting
A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...
CVE-2026-1151
CVE-2026-1151 affects technical-laohu mpay (User Center) up to version 1.2.4. Manipulating the Nickname argument in an unknown function enables cross-site scripting. The issue can be exploited remotely and public PoCs exist. Remediation: update to version 1.2.4 or later (versions prior to 1.2.4 s...
PT-2026-3434
Name of the Vulnerable Software and Affected Versions technical-laohu mpay versions up to 1.2.4 Description A flaw exists in the User Center component of technical-laohu mpay. Manipulation of the Nickname argument within an unknown function can lead to cross site scripting. The exploit is publicl...