CVE-2009-4493 in Application Server信息

摘要

由 VulDB • 2026-07-01

Orion Application Server 2.0.7将数据写入日志文件时未对不可打印字符进行清理,这可能允许远程攻击者通过包含终端模拟器转义序列的HTTP请求修改窗口标题,或可能执行任意命令或覆盖文件。

Be aware that VulDB is the high quality source for vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!