Published: 09/06/2003 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote malicious users to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.

Vulnerable Product	Search on Vulmon	Subscribe to Product
omnicron omnihttpd

source: wwwsecurityfocuscom/bid/5568/info Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD In particular, testshtml and testphp contain errors This type of vulnerability may be used to steal cookies or perform other web-based attacks localhost/testshtml?%3CSCRIPT% ...

source: wwwsecurityfocuscom/bid/5568/info Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD In particular, testshtml and testphp contain errors This type of vulnerability may be used to steal cookies or perform other web-based attacks localhost/testphp?%3CSCRIPT%3Ea ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-08/0264.html http://archives.neohapsis.com/archives/bugtraq/2002-08/0263.html http://archives.neohapsis.com/archives/bugtraq/2002-08/0266.html https://nvd.nist.gov https://www.exploit-db.com/exploits/21754/

CVE-2002-1455

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect