In the UKCMSv1.1.10\application\home\controller\Single.php, No filtering to data in the index( ) function:
Vulnerability trigger point http://localhost/admin.php/admin/content/guestbook.html
1、Go to the front page to find the message board
2、Add a message
3、Log in as admin
4、Choose this part
5、XSS vulnerability popup
Fix:
This is an XSS vulnerability, this vulnerability is because no filtering to data in the index( ) function.
The text was updated successfully, but these errors were encountered:
There is an Stored Cross Site Scripting vulnerability in your latest version of the CMS v1.1.10
Download link: "http://down.ukcms.com/down.php?v=1.1.10"
In the UKCMSv1.1.10\application\home\controller\Single.php, No filtering to data in the index( ) function:






Vulnerability trigger point
http://localhost/admin.php/admin/content/guestbook.html
1、Go to the front page to find the message board
2、Add a message
3、Log in as admin
4、Choose this part
5、XSS vulnerability popup
Fix:
This is an XSS vulnerability, this vulnerability is because no filtering to data in the index( ) function.
The text was updated successfully, but these errors were encountered: