Submeter #651885: wangchenyi1996 chat_forum master CWE-79informação

Títulowangchenyi1996 chat_forum master CWE-79
DescriçãoIn file q.php ```php <?php foreach(range(1,$_GET['num']) as $_num){?> <dd><img src="<?php echo $_GET['path'].$_num?>.png" title="贴图<?php echo $_GET['path'].$_num?>.png" ``` CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Fonte⚠️ https://github.com/wangchenyi1996/chat_forum/blob/master/q.php#L31
Utilizador
 dev03301 (UID 88717)
Submissão10/09/2025 09h15 (há 8 meses)
Moderação17/09/2025 16h33 (7 days later)
EstadoAceite
Entrada VulDB324675 [wangchenyi1996 chat_forum até 80bdb92f5b460d36cab36e530a2c618acef5afd2 /q.php path Script de Site Cruzado]
Pontos20

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!