Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in response to GET requests with query strings for client@1/domain@1/hosting/file-manager/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Parallels Plesk Small Business Panel信息泄露漏洞
Vulnerability Description
Parallels Plesk Small Business Panel 10.2.0版本中存在信息泄露漏洞,它对client@1/domain@1/hosting/file-manager/文件和某些其他文件产生包含外置链接的web页面作为含有查询字符的get请求的响应。远程攻击者可利用该漏洞通过读取(1)web服务器访问日志和(2)web服务器引用日志获地敏感信息,该漏洞与"cross-domain Referer leakage"问题有关。
CVSS Information
N/A
Vulnerability Type
N/A