BlueSpice 跨站脚本漏洞

BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. BlueSpice suffers from a cross-site scripting vulnerability that stems from its BlueSpiceUserSidebar extension that allows users with regular account and edit privileges to inject arbitrary HTML into their own and other...

Menu Manager Mod for WebAPP - No Input Filtering

There is a system access vulnerability in the Menu Manager Mod for WebAPP. This mod is available at http://www.2xlnt.com/webapp/development/app.cgi?action=downloadinfo&cat=webappmods&id=3 . System commands can be entered in user's personal menus. Any system command works there and allows reading ...