漏洞描述
/
拓尔思-MAS Comment 插件存在XML实体注入
PoC代码
暂无相关漏洞推荐
- POC CVE-2010-1601: Joomla! Component JA Comment - Local File Inclusion
- POC CVE-2010-1602: Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion
- POC CVE-2010-2050: Joomla! Component MS Comment 0.8.0b - Local File Inclusion
- POC CVE-2020-26248: PrestaShop Product Comments <4.2.0 - SQL Injection
- POC CVE-2020-35598: Advanced Comment System 1.0 - Local File Inclusion
- POC CVE-2021-24838: WordPress AnyComment <0.3.5 - Open Redirect
- POC CVE-2019-9881: WPEngine WPGraphQL 0.2.3 - Unauthenticated Comment Posting
- POC CVE-2025-5701: HyperComments <= 1.2.2 - Arbitrary Options Update
- WordPress plugin Comments Import & Export 跨站脚本漏洞
- WordPress plugin azurecurve Shortcodes in Comments 代码注入漏洞
- 万户ezOFFICE selectCommentField 存在 SQL 注入漏洞
- 万户 ezOFFICE /defaultroot/platform/custom/custom_database/dropdownselect/selectCommentField.jsp;.js SQL 注入漏洞
- WordPress plugin The Enable Shortcodes inside Widgets,Comments and Experts 码注入漏洞