3 matches found
WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-10861)
WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in 'Account Management-Member Center-Chinese Information-Ordinary Member' in WUZHI CMS version 4.1.0. A remote attacker...
Cross site scripting
An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings - Member Centre - Chinese information - Ordinary member" via a QQ number, as demonstrated by a formqq10= substring...
PT-2018-10656 · Wuzhi · Wuzhi Cms
Name of the Vulnerable Software and Affected Versions: WUZHI CMS version 4.1.0 Description: A Stored XSS issue was found in the "Account Settings - Member Centre - Chinese information - Ordinary member" section, specifically via a QQ number. This can be exploited through a form submission, where...