Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bradford Barrett Webalizer 跨站脚本执行漏洞
Vulnerability Description
CVE(CAN) ID: CAN-2001-0835 Webalizer 是一款Web服务器日志程序,用来生成Web站点统计日志文件。日志一般包括 来源,浏览器类型,站点点击率和文件访问等信息,这些日志文件是HTML格式的,可以 通过浏览器查看。但是该程序被发现存在跨站脚本执行漏洞。 由于没有过滤HTML标记,通过在"REFERER"域精心构造一个包含HTML标记的字符串, 可能导致使用浏览器浏览日志的管理员遭受跨站脚本执行攻击。
CVSS Information
N/A
Vulnerability Type
N/A