CVE-2018-7736

Published March 6th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability

zblogcn/zblogphp

Z-BlogPHP博客程序

GitHub

871