There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v6.0.6
Download link: "https://www.damicms.com/downes/dami.rar"
In the DamicmsV6.0.6\Admin\Lib\Action\LabelAction.class.php, No filtering to title in the doadd() function:
Vulnerability trigger point http://localhost/admin.php?s=/Index/index
1、Log in as admin
2、Choose this part
3、Add content
4、Added refresh vulnerability trigger point
Fix:
Filter the title parameter.
The text was updated successfully, but these errors were encountered:
There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v6.0.6







Download link: "https://www.damicms.com/downes/dami.rar"
In the DamicmsV6.0.6\Admin\Lib\Action\LabelAction.class.php, No filtering to title in the doadd() function:
Vulnerability trigger point
http://localhost/admin.php?s=/Index/index
1、Log in as admin
2、Choose this part
3、Add content
4、Added refresh vulnerability trigger point
Fix:
Filter the title parameter.
The text was updated successfully, but these errors were encountered: