Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SmarterTools SmarterStats 6.0 web server does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error and daemon pause) via vectors involving (1) certain cookies in a SiteInfoLookup action to Admin/frmSites.aspx, or certain (2) cookies or (3) parameters to (a) Client/frmViewOverviewReport.aspx, (b) Client/frmViewReports.aspx, or (c) Services/SiteAdmin.asmx, as demonstrated by a ]]>> string, related to an "XML injection" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmarterTools SmarterStats web服务器XML注入漏洞
Vulnerability Description
SmarterStats是一款可以通过网页浏览器访问帮助站长跟踪网站访问者的程序,并可以产生超过135份跟踪报告。 SmarterTools SmarterStats 6.0 web服务器不能正确地验证存储于XML文档中的字符串数据。远程攻击者可以借助某些向量导致拒绝服务(解析错误和守护进程中止)。这些向量与对Admin/frmSites.aspx的SiteInfoLookup操作中的某些cookie,或者向Client/frmViewOverviewReport.aspx,Client/frmViewR
CVSS Information
N/A
Vulnerability Type
N/A