7 matches found
CVE-2020-23719
Cross site scripting XSS vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter...
CVE-2020-23719
Cross site scripting XSS vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter...
Cross site scripting
Cross site scripting XSS vulnerability in application/controllers/AdminController.php in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the bbsmeta parameter...
Cross site scripting
Cross site scripting XSS vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php...
CVE-2020-23719
CVE-2020-23719 affects xujinliang zibbs 1.0, with an XSS vulnerability in application/controllers/AdminController.php. The bbsmeta parameter can be manipulated to execute arbitrary code. CVSS data included in the record indicate a high/severe impact: CVSS v3.1 base score 9.6 (CRITICAL), NETWORK a...
CVE-2020-23718
The CVE-2020-23718 entry describes a Cross-Site Scripting (XSS) vulnerability in xujinliang zibbs 1.0 (Zibbs Forum). The root cause, as stated across sources, is insufficient filtering/escaping of the route parameter in index.php, enabling an attacker to execute arbitrary code. Public references ...
CVE-2020-23718
Cross site scripting XSS vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php...