إرسال #651885: wangchenyi1996 chat_forum master CWE-79المعلومات

عنوانwangchenyi1996 chat_forum master CWE-79
الوصفIn file q.php ```php <?php foreach(range(1,$_GET['num']) as $_num){?> <dd><img src="<?php echo $_GET['path'].$_num?>.png" title="贴图<?php echo $_GET['path'].$_num?>.png" ``` CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
المصدر⚠️ https://github.com/wangchenyi1996/chat_forum/blob/master/q.php#L31
المستخدم
 dev03301 (UID 88717)
ارسال10/09/2025 09:15 AM (8 أشهر منذ)
الاعتدال17/09/2025 04:33 PM (7 days later)
الحالةتمت الموافقة
إدخال VulDB324675 [wangchenyi1996 chat_forum حتى 80bdb92f5b460d36cab36e530a2c618acef5afd2 /q.php path البرمجة عبر المواقع]
النقاط20

التالي نظرة عامة السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!