Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BookReview beta 漏洞
Vulnerability Description
BookReview beta 1.0允许远程攻击者通过传给search.htm的特定参数来获取web服务器的路径,可能是由于一个数值缺失的search[string]参数或者一个不正确的submit[type]值引起,导致系统在结果的出错消息内泄漏路径信息。注:未清楚公众是否可以使用到BookReview。如果不能,则不能包含在CVE内。
CVSS Information
N/A
Vulnerability Type
N/A