Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AWStats 跨站脚本漏洞
Vulnerability Description
AWStats是eldy个人开发者的一个应用于Web站点的日志分析工具。该软件支持分析IIS 5.0 +,Apache等所有操作系统上Web,WAP,代理,流服务器、FTP、邮件服务器日志文件,显示所有Web统计信息,包括:访问者,页面,匹配、搜索引擎等关键信息 AWStats 6.8及之前版本存在跨站脚本漏洞,该漏洞源于未正确删除引号字符,允许远程攻击者通过query_string参数进行跨站脚本(XSS)攻击。
CVSS Information
N/A
Vulnerability Type
N/A