Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nopagesmost parameter to stat/mostvisitpagechart.php, and date parameter to (5) pageviewers.php, (6) pageviewerschart.php, and (7) referer.php in stat/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gonafish WebStatCaffe多个跨站脚本攻击漏洞
Vulnerability Description
Gonafish WebStatCaffe是基于PHP+MySQL的简单的网络现场监测工具。 Gonafish WebStatCaffe存在多个跨站脚本攻击漏洞。远程攻击者可以借助多个参数,执行跨站脚本攻击,注入任意的web脚本和HTML,这些参数包含:stat/目录下的脚本(1)stat/host.php的 host参数,(2) mostvisitpage.php的nodayshow参数, (3)visitorduration.php 的nodayshow参数, (4)stat/mostvisitpag
CVSS Information
N/A
Vulnerability Type
N/A