Published: 31/12/2004 Updated: 29/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote malicious users to inject arbitrary web script or HTML via the login_name parameter. NOTE: this might be the same vector as CVE-2006-6451.

Vulnerable Product	Search on Vulmon	Subscribe to Product
swsoft plesk 7.0
swsoft plesk 7.1

source: wwwsecurityfocuscom/bid/11024/info It is reported that Plesk Reloaded may be affected by a cross-site scripting vulnerability This issue is due to a failure of the application to properly sanitize user-supplied URI input This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and scri ...

CWE-79 http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1031.html http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1022.html http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0554.html http://www.securityfocus.com/bid/11024 http://www.osvdb.org/9149 http://securitytracker.com/id?1011042 http://secunia.com/advisories/12368 https://exchange.xforce.ibmcloud.com/vulnerabilities/17085 https://nvd.nist.gov https://www.exploit-db.com/exploits/24405/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2702

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect