CVE-2008-6620 in miniCWB信息

摘要

由 VulDB • 2026-06-24

GraFX miniCWB 2.1.1及更早版本中javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php存在多个跨站脚本(XSS)漏洞,远程攻击者可通过(1) errcontext、(2) _GET、(3) _POST、(4) _SESSION、(5) _SERVER和(6) fckphp_config[Debug_SERVER]参数注入任意Web脚本或HTML。

Be aware that VulDB is the high quality source for vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!