5 matches found
CVE-2021-43682
thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...
CVE-2021-43682
thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...
Cross site scripting
thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...
CVE-2021-43682
thinkphp-bjyblog last update Jun 4 2021 is affected by a Cross Site Scripting XSS vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $SERVER'HTTPHOST'...
CVE-2021-43682
CVE-2021-43682 affects thinkphp-bjyblog and is caused by an XSS issue in AdminBaseController.class.php due to insufficient input filtering. The exit function can print a message containing $_SERVER['HTTP_HOST'], potentially exposing server information or enabling crafted payloads to reflect data....