onEpAth936 issues

Results 6 issues of


                                            onEpAth936

config-docker.yaml代理问题

![59a6d249e20b414134f821510b28bdb](https://user-images.githubusercontent.com/63861767/156022589-7d48bfdb-a03b-4785-bf75-59fd37b30ecc.png) 本地挂着clash可用的外国节点 config-docker.yaml文件配置了本地代理 docker内使用不了本地代理 ![e3fee8f22e5c6ab241ba8194bd43413](https://user-images.githubusercontent.com/63861767/156023726-d588b09d-b966-46f0-8976-69368bd12b49.png) 是只支持使用外部代理池吗？还是我姿势不对？

Found xss vulnerability and Information Disclosure Vulnerability in post-edit.php

environment: - php.7.3.4 - win10 First,you need to Login the backstage here: /mc-admin/ ![image](https://user-images.githubusercontent.com/63861767/178090196-1c6482b4-080f-4ccd-9e5f-ee7103f6d3ae.png) Second,use payload: /mc-admin/post-edit.php?id=%3Cscript%3Ealert%285%29%3C/script%3E ![image](https://user-images.githubusercontent.com/63861767/178090338-6d98cc90-f0a5-492d-9356-d3c4cf4be06c.png) you will see Pop-ups,then click here : ![image](https://user-images.githubusercontent.com/63861767/178090374-84b91b60-37b3-433e-bdb3-89b49860b821.png) you will see Web...

onEpAth936

config-docker.yaml代理问题

Found xss vulnerability and Information Disclosure Vulnerability in post-edit.php

Found Stored Cross Site Scripting (XSS) vulnerability

Found Reflected Cross Site Scripting (XSS) vulnerability

Found cross-site request forgery (CSRF) vulnerability

Found Broken access control vulnerability