In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zblogcn z-blogphp 1.5.1.1740 |