Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmarterTools SmarterStats信息泄露漏洞
Vulnerability Description
SmarterTools SmarterStats 6.2.4100版本中存在漏洞,当其响应带有frmGettingStarted.aspx查询字符串的GET请求时生成包含外部链接的web页面。远程攻击者更易于通过读取(1) web-server访问日志或者(2) web-server引用日志获得敏感信息,与"cross-domain Referer leakage"问题有关。
CVSS Information
N/A
Vulnerability Type
N/A