Количество 3
Количество 3
CVE-2021-37365
CTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned with the content of the query string param 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage.
GHSA-588w-3hxj-v2wx
CTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned with the content of the query string param 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage.
BDU:2021-04557
Уязвимость функции в bl_categires_help.php родительского контроля для Интернета CTparental, позволяющая нарушителю внедрить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-37365 CTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned with the content of the query string param 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage. | CVSS3: 6.1 | 0% Низкий | больше 4 лет назад |
| GHSA-588w-3hxj-v2wx CTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned with the content of the query string param 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage. | 0% Низкий | больше 3 лет назад | |
 | BDU:2021-04557 Уязвимость функции в bl_categires_help.php родительского контроля для Интернета CTparental, позволяющая нарушителю внедрить произвольный код | CVSS3: 7.8 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу