2 matches found
Cross-site Scripting (XSS) - Stored in zoujingli/thinkadmin
Description Stored XSS Content allows for the arbitrary execution of JavaScript Proof of Concept In Wechat management at feature - Reply rule management - Follow reply configuration - Default reply configuration - Follow automatic replies Save Reply text with payload : \x3csVg/\x3e XSS will trigg...
SQL injection vulnerability in phpwechat wechatmanage.class.php
phpwechat is a simple framework for building a PC website + wechat public platform. phpwechat wechatmanage.class.php suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information using commonly used SQL injection tools...