Cross-site Scripting Vulnerability in Discuz!

Discuz! is a very popular Web forum program in the Chinese community. A cross-site scripting vulnerability exists in Discuz! X3.4, which stems from the failure of admincp/admincpsetting.php and template\default\common\footer.htm to properly handle the statcode field, which can be exploited to...

Code injection

Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandles statcode field from third-party stats code...

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-09138)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. WUZHI CMS 4.1.0 there is a cross-site scripting vulnerability , attackers can index.php?m=core&f=set&v=basic formstatcode parameter to exploit the vulnerability for cross-site scripting attac...

CVE-2018-16350

WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic formstatcode parameter...

CVE-2018-16350

WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic formstatcode parameter...

CVE-2018-16350

CVE-2018-16350 affects WUZHI CMS 4.1.0 and is described as a cross-site scripting (XSS) vulnerability in the form parameter: index.php?m=core&f=set&v=basic form[statcode]. The connected documents confirm the vulnerability location (the set/basic form[statcode] field) and the product version, but ...

CVE-2018-16350

WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic formstatcode parameter...