6 matches found
CVE-2024-6942
A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...
CVE-2024-6942
A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...
CVE-2024-6942 ThinkSAAS Admin Panel Security Center anti.php cross site scripting
A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...
CVE-2024-6942
ThinkSAAS 3.7.0 Admin Panel Security Center contains a cross-site scripting flaw in file app/system/action/anti.php. Manipulating ip, email, or phone arguments can be exploited remotely; exploit has been disclosed publicly. Multiple connected sources confirm affected software and component. Pract...
CVE-2024-6941 ThinkSAAS do.php cross site scripting
A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argument sitetitle/sitesubtitle/sitekey/sitedesc/siteurl/siteemail/siteicp leads to cross site scriptin...
CVE-2024-6941
ThinkSAAS 3.7.0 is affected by a cross-site scripting vulnerability in the processing of app/system/action/do.php. The issue arises from manipulating arguments site_title, site_subtitle, site_key, site_desc, site_url, site_email, and site_icp, enabling potential remote exploitation. The PT-Securi...