Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ctl00$MPH$txtPassword password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmarterTools SmarterStats web服务器Login.aspx认证绕过漏洞
Vulnerability Description
SmarterStats是一款可以通过网页浏览器访问帮助站长跟踪网站访问者的程序,并可以产生超过135份跟踪报告。 SmarterTools SmarterStats 6.0 web服务器中的Login.aspx在没有禁用自动完成功能的情况下会产生ctl00$MPH$txtPassword密码表单域。远程攻击者可以利用无人值守的工作站绕过认证。
CVSS Information
N/A
Vulnerability Type
N/A