EPSS
Percentile
38.0%
genix/cms is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the id field in /inc/lib/backend/menus.control.php, allowing a malicious user to inject and execute arbitrary web script.
id
/inc/lib/backend/menus.control.php
ph0rse.me/2017/09/21/GeniXCMS-1-1-4%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC-getshell/
github.com/Ph0rse
github.com/semplon/GeniXCMS/issues/85