Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过GET请求中的查询字符串导致的信息暴露
Vulnerability Title
SICK Incoming Goods Suite 安全漏洞
Vulnerability Description
SICK Incoming Goods Suite是德国SICK公司的一款物流收货流程软件。 SICK Incoming Goods Suite存在安全漏洞,该漏洞源于身份验证令牌通过URL字符串查询参数传递,可能导致会话劫持和未经授权的访问。
CVSS Information
N/A
Vulnerability Type
N/A