Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell Netware Enterprise Web Server多个安全漏洞
Vulnerability Description
Novell NetWare-Enterprise-Web-Server是一款强大的WEB服务程序。 NetWare-Enterprise-Web-Server存在多个安全问题,远程攻击者可以利用这些漏洞进行跨站脚本攻击,获得敏感信息和装载恶意文件到服务器。 服务器对用户提交的包含恶意脚本的数据缺少充分过滤,提交恶意链接,诱使用户访问,可获得目标用户的基于认证的敏感信息。 另外提交部分脚本请求,会返回包含内部IP地址,目录列表等的敏感信息。 提交特殊的URL请求,可装载.htt文件到服务器上。
CVSS Information
N/A
Vulnerability Type
N/A