https://www.securityfocus.com/bid/89751
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200206-047

WebTrendsReportingCenter4.0d版本中存在信息泄露漏洞。远程攻击者可借助对带有空Profile参数的get_od_toc.pl的GET请求确定web服务器的真实路径。

WebTrends Reporting Center 4.0D

来源:XF
名称:webtrends-profile-path-disclosure(8865)
链接:http://www.iss.net/security_center/static/8865.php
来源:OSVDB
名称:10447
链接:http://www.osvdb.org/10447
来源:www.ngssoftware.com
链接:http://www.ngssoftware.com/advisories/wtr.txt
来源:BUGTRAQ
名称:20020416WebtrendsReportingCenterBufferOverflow(#NISR17042002C)
链接:http://archives.neohapsis.com/archives/bugtraq/2002-04/0207.html