Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cerberus FTP Server Web Admin 跨站脚本漏洞
Vulnerability Description
Cerberus FTP Server是美国Cerberus公司的一款免费、多线程并运行在Windows操作系统中的FTP服务器。 Cerberus FTP Server 5.0.6.0之前版本中的管理网络接口中存在多个跨站脚本漏洞。(1)通过不正确处理Log Manager组件中的日志条目,远程攻击者利用该漏洞注入任意web脚本或HTML(2)通过将消息字段传送到服务器管理程序,远程认证攻击者利用该漏洞注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A