MyServer 0.6.2 – ‘math_sum.mscgi’ Multiple Cross-Site Scripting Vulnerabilities

MyServer 0.6.2 – ‘math_sum.mscgi’ Multiple Cross-Site Scripting Vulnerabilities

漏洞ID 1054547 漏洞类型
发布时间 2004-07-30 更新时间 2004-07-30
图片[1]-MyServer 0.6.2 – ‘math_sum.mscgi’ Multiple Cross-Site Scripting Vulnerabilities-安全小百科CVE编号 N/A
图片[2]-MyServer 0.6.2 – ‘math_sum.mscgi’ Multiple Cross-Site Scripting Vulnerabilities-安全小百科CNNVD-ID N/A
漏洞平台 CGI CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24336
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10831/info

Reportedly MyServer is affected by multiple remote vulnerabilities in the 'math_sum.mscgi' example script. These issues are due to a boundary condition error and a failure to properly sanitize user-supplied URI input.

An attacker could exploit the boundary condition issue to execute arbitrary code on the affected computer with the privileges of the user that started the affected application. The input validation issue could be leveraged to carry out cross-site scripting attacks against the affected computer.

These issues are reported to affect MyServer version 0.6.2, it is likely other versions are also affected.

http://www.example.com/cgi-bin/math_sum.mscgi?a=[code]&b=[code]

相关推荐: ASPJar Guestbook HTML Injection Vulnerability

ASPJar Guestbook HTML Injection Vulnerability 漏洞ID 1102100 漏洞类型 Input Validation Error 发布时间 2002-05-04 更新时间 2002-05-04 CVE编号 N/A C…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享