إرسال #651884: yi-ge get-header-ip master CWE-79المعلومات

عنوان	yi-ge get-header-ip master CWE-79
الوصف	in file ip.php if (isset($_GET['callback'])) { echo trim($_GET['callback']) . '(' . json_encode(['ip' => $ip]) . ')'; } else { echo $ip . "\n"; } CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
المصدر	⚠️ https://github.com/yi-ge/get-header-ip/blob/master/ip.php#L32
المستخدم	dev03303 (UID 85336)
ارسال	10/09/2025 09:08 AM (8 أشهر منذ)
الاعتدال	25/09/2025 07:54 AM (15 days later)
الحالة	تمت الموافقة
إدخال VulDB	325814 [yi-ge get-header-ip حتى 589b23d0eb0043c310a6a13ce4bbe2505d0d0b15 ip.php callback البرمجة عبر المواقع]
النقاط	20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!