Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
AlstraSoft Video Share Enterprise allows remote attackers to obtain sensitive information (the full path) via (1) a ' (quote) character in the category parameter to view_video.php, or (2) an XSS sequence in the UID parameter to (a) uprofile.php, (b) channel_detail.php, (c) uvideos.php, (d) groups_home.php, or (e) ufriends.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AlstraSoft Video Share 多个参数的远程攻击漏洞
Vulnerability Description
AlstraSoft Video Share 企业版允许远程攻击者可以借助(1)对view_video.php的分类参数中的一个 ' (引号)字符或(2)对(a) uprofile.php, (b) channel_detail.php, (c) uvideos.php, (d) groups_home.php, 或 (e) ufriends.php的Uid参数的一个XSS序列,获得敏感信息(全路径)。
CVSS Information
N/A
Vulnerability Type
N/A