Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Citrix Nfuse boilerplate.asp WEB ROOT目录泄露漏洞
Vulnerability Description
Citrix NFuse是一款应用构建服务程序,通过WEB浏览器提供任意应用程序的功能,NFuse需要与WEB服务器结合工作,运行在多种操作系统下,包括Unix,Linux,windows. Citrix NFuse对用户输入过滤上存在漏洞,可使远程攻击者获得Web ROOT在系统上的绝对路径信息。 Citrix NFuse中的lboilerplate.asp脚本代码没有过滤来自URL参数,攻击者可通过向lboilerplate.asp提供构建包含(../)特殊的请求,导致主机返回包含Web ROOT绝对
CVSS Information
N/A
Vulnerability Type
N/A