Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

seebug.org
seebug.orgadded 2009/09/05 12:0 a.m.47 views

XStat PHPInfo可导致信息泄露漏洞

BUGTRAQ: 4280 X-Stat是一款PHP语言编写免费的WEB通信分析程序,可以运行在Unix和Linux操作系统下,也可运行在Microsoft Windows操作系统平台下。 X-Stat由于对部分错误WEB请求处理存在问题可导致相关主机信息泄露。 攻击者可以对X-Stat系统中的xstatadmin.php脚本参数action提交phpinfo变量,可导致相关主机信息泄露给攻击者,包括主机信息,操作系统信息和服务器信息等。 攻击者可以通过这些信息,对目标系统进行进一步的攻击。 Xqus X-Stat 2.3 Xqus X-Stat 2.2 临时解决方法:...

7.1AI score
Exploits0
CVE
CVEadded 2005/07/14 4:0 a.m.47 views

CVE-2002-2044

CVE-2002-2044 describes a cross-site scripting (XSS) vulnerability in x-stat (version 2.3 and earlier) affecting the file x_stat_admin.php . The issue arises when a parameter to the phpinfo action is not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML. Affecte...

4.3CVSS5.9AI score0.00613EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2002/12/31 5:0 a.m.20 views

CVE-2002-2044

Cross-site scripting XSS vulnerability in xstatadmin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action...

4.3CVSS5.7AI score0.00613EPSS
Exploits1References5
Rows per page
Query Builder