Published: 02/06/2020 Updated: 15/06/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

An issue exists in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sysax multi server 6.90

Sysax MultiServer version 690 suffers from a cross site scripting vulnerability ...

Sysax-MultiServer-690-Multiple-Vulnerabilities In 2020, my research on Sysax Multiserver 690 led to the publication of the following CVEs: CVE-2020-13227, CVE-2020-13228, CVE-2020-13229 1) Insecure Permissions and Information Disclosure via error handling::: CVE-2020-13227 ::: Description:An attacker can determine the username (under which the web server is running) by trigge

CWE-79 https://github.com/wrongsid3/Sysax-MultiServer-6.90-Multiple-Vulnerabilities/blob/master/README.md https://pasteboard.co/J9eE2GQ.png https://github.com/wrongsid3 http://packetstormsecurity.com/files/158062/Sysax-MultiServer-6.90-Cross-Site-Scripting.html https://nvd.nist.gov https://github.com/wrongsid3/Sysax-MultiServer-6.90-Multiple-Vulnerabilities https://packetstormsecurity.com/files/158062/Sysax-MultiServer-6.90-Cross-Site-Scripting.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-13228

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect