Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SmarterTools SmarterStats 6.0 web server generates web pages containing external links in response to GET requests with query strings for (1) Client/frmViewReports.aspx or (2) UserControls/Popups/frmHelp.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (a) web-server access logs or (b) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmarterTools SmarterStats web服务器跨域Referer泄露漏洞
Vulnerability Description
SmarterStats是一款可以通过网页浏览器访问帮助站长跟踪网站访问者的程序,并可以产生超过135份跟踪报告。 SmarterTools SmarterStats 6.0 web服务器在为(1)Client/frmViewReports.aspx或(2)UserControls/Popups/frmHelp.aspx响应GET请求时,会产生含有外部链接的网页,该请求带有查询字符串。远程攻击者可以通过读取web-server访问日志或web-server Referer日志获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A