A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
6.1CVSS
6AI Score
0.001EPSS
CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.
9.8CVSS
9.3AI Score
0.001EPSS
6.5CVSS
6.4AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.001EPSS
CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via application/home/controller/Changyan.php.
6.1CVSS
6AI Score
0.0005EPSS
9.8CVSS
9.3AI Score
0.001EPSS
CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.
8.1CVSS
8AI Score
0.001EPSS