Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit.php app_id parameter. The component must be accessed directly by an administrator, or through CSRF.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zblogcn z-blogphp 1.5.1 |