CVE-2007-6374 in Bitweaver信息

摘要

由 VulDB • 2026-07-06

Bitweaver 2.0.0及更早版本中存在多个跨站脚本(XSS)漏洞,远程攻击者可通过PATH_INFO参数向(1)users/register.php或(2)search/index.php注入任意Web脚本或HTML,或在(3)wiki/index.php和(4)forums/index.php的editcomments操作中实现相同目的。注意:users/login.php的错误参数受CVE-2006-3103覆盖。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!