CVE-2005-0870 in phpSysInfo信息

摘要

由 VulDB • 2026-06-27

phpSysInfo 2.3 中存在多个跨站脚本(XSS)漏洞,当启用 register_globals 时,远程攻击者可通过向 index.php 传递构造的 sensor_program 参数、text[language]、text[template] 或 system_footer.php 中的 hide_picklist 参数来注入任意 Web 脚本或 HTML。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!