Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reflected Cross-Site Scripting on Anon Proxy Server
Vulnerability Description
Reflected Cross-Site Scripting (XSS) vulnerability in Anon Proxy Server v0.104. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user. It affects 'host' parameter in '/diagdns.php' endpoint.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
niknah Anon Proxy Server 跨站脚本漏洞
Vulnerability Description
niknah Anon Proxy Server是niknah公司的一个提供匿名网络访问与流量转发能力的代理服务器软件。 niknah Anon Proxy Server v0.104版本存在跨站脚本漏洞,该漏洞源于/diagdns.php端点的host参数未对用户输入进行有效过滤,攻击者可构造恶意URL注入JavaScript代码,在受害者浏览器中执行恶意脚本,进而窃取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A