Microstrategy Web 7 漏洞列表

共找到 4 个与 Microstrategy Web 7 相关的漏洞

📅 加载漏洞趋势中...

CVE-2018-18775: Microstrategy Web 7 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: Microstrategy Web 7

Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter.
CVE-2018-18777: Microstrategy Web 7 - Local File Inclusion POC

日期: 2025-08-01 | 影响软件: Microstrategy Web 7

Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
CVE-2018-18775: Microstrategy Web 7 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: Microstrategy Web 7

Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter.
CVE-2018-18777: Microstrategy Web 7 - Local File Inclusion POC

日期: 2025-08-01 | 影响软件: Microstrategy Web 7

Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.