Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Injection via log file
Vulnerability Description
An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
日志输出的转义处理不恰当
Vulnerability Title
SICK AG Enterprise Analytics 安全漏洞
Vulnerability Description
SICK AG Enterprise Analytics是德国SICK AG公司的一个包裹分析软件。 SICK AG Enterprise Analytics存在安全漏洞,该漏洞源于API端点未充分验证输入数据,可能导致日志条目被篡改或稀释。
CVSS Information
N/A
Vulnerability Type
N/A