Published: 31/12/2002 Updated: 05/09/2008

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 195

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 up to and including 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zeus technologies zeus web server 4.0
zeus technologies zeus web server 4.1
zeus technologies zeus web server 4.1_r1
zeus technologies zeus web server 4.1_r2
zeus technologies zeus web server 4.1_r3
zeus technologies zeus web server 4.1_r4

source: wwwsecurityfocuscom/bid/6144/info The Zeus Web Server contains a web based administration interface that is vulnerable to cross site scripting attacks Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct a malicious link which contains arbitrary HTML and script code, which will be e ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-11/0104.html http://online.securityfocus.com/archive/1/302961 http://www.securityfocus.com/bid/6144 http://www.iss.net/security_center/static/10567.php https://nvd.nist.gov https://www.exploit-db.com/exploits/22000/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1785

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect