3 matches found
CVE-2024-30925
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the photo-thumbs.php component...
DerbyNet 安全漏洞
DerbyNet is a simple code for a match broadcasting program. A cross-site scripting vulnerability exists in the DerbyNet racerid parameter due to improper validation of user-supplied input in the photo-thumbs.php script. An attacker could use this vulnerability to steal the victim's cookie-based...
PT-2024-23675 · Derbynet · Derbynet
Name of the Vulnerable Software and Affected Versions: DerbyNet versions 9.0 and below Description: The issue allows attackers to execute arbitrary code via the photo-thumbs.php component. This is a Cross Site Scripting vulnerability. Recommendations: For DerbyNet versions 9.0 and below, consider...