Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote malicious users to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mephistoles internet suite mephistoles httpd 0.6_p2
mephistoles internet suite mephistoles httpd 0.6_final
mephistoles internet suite mephistoles httpd 0.6_p1

source: wwwsecurityfocuscom/bid/9470/info Mephistoles 'httpd' daemon fails to sanitize user-supplied input, making it vulnerable to cross-site scripting attacks This vulnerability allows an attacker to construct a malicious link containing HTML or script code that may be rendered in a user's browser upon visiting that link This attack w ...

NVD-CWE-Other http://www.securityfocus.com/bid/9470 http://www.osvdb.org/3689 http://secunia.com/advisories/10693 http://marc.info/?l=bugtraq&m=107470433714179&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14899 https://nvd.nist.gov https://www.exploit-db.com/exploits/23564/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2096

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect