Macromedia JRun 4.0 build 61650 – Administrative Interface Multiple Cross-Site Scripting Vulnerabilities

23次阅读
没有评论

Macromedia JRun 4.0 build 61650 – Administrative Interface Multiple Cross-Site Scripting Vulnerabilities

漏洞ID 1054269 漏洞类型
发布时间 2003-11-26 更新时间 2003-11-26
Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting VulnerabilitiesCVE编号 N/A
Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting VulnerabilitiesCNNVD-ID N/A
漏洞平台 JSP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23402
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9112/info

A number of cross-site scripting vulnerabilities have been reported for Macromedia Jrun, specifically in the administrative interface. The problem is said to occur due to insufficient sanitization of URI parameters that may be passed to the page by an unauthenticated user.

Successful exploitation of this issue could potentially allow an attacker to steal an administrators authentication credentials, likely leading to further malicious actions taking places. 

http://www.example.com:8000/server/<your server>/webserver/webserverlist.jsp?action=start&externalWebServer=DefaultDomain%3aservice%3d<script code>

http://www.example.com:8000/clusterframe.jsp?cluster=<script code>

相关推荐: Linux nfsd Remote Buffer Overflow Vulnerability

Linux nfsd Remote Buffer Overflow Vulnerability 漏洞ID 1104540 漏洞类型 Boundary Condition Error 发布时间 1999-11-09 更新时间 1999-11-09 CVE编号 N…

正文完
 0