Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.
References
| Link | Resource |
|---|---|
| http://secunia.com/advisories/11748 | Exploit Vendor Advisory |
| http://securitytracker.com/id?1010353 | Exploit |
| http://www.oliverkarow.de/research/sambar.txt | Exploit |
| http://www.osvdb.org/6583 | Exploit |
| http://www.osvdb.org/6584 | Exploit |
| http://www.securityfocus.com/bid/10444 | Exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16286 | |
| http://secunia.com/advisories/11748 | Exploit Vendor Advisory |
| http://securitytracker.com/id?1010353 | Exploit |
| http://www.oliverkarow.de/research/sambar.txt | Exploit |
| http://www.osvdb.org/6583 | Exploit |
| http://www.osvdb.org/6584 | Exploit |
| http://www.securityfocus.com/bid/10444 | Exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16286 |
Configurations
History
20 Nov 2024, 23:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://secunia.com/advisories/11748 - Exploit, Vendor Advisory | |
| References | () http://securitytracker.com/id?1010353 - Exploit | |
| References | () http://www.oliverkarow.de/research/sambar.txt - Exploit | |
| References | () http://www.osvdb.org/6583 - Exploit | |
| References | () http://www.osvdb.org/6584 - Exploit | |
| References | () http://www.securityfocus.com/bid/10444 - Exploit | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/16286 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:53
NVD link : CVE-2004-2564
Mitre link : CVE-2004-2564
CVE.ORG link : CVE-2004-2564
JSON object : View
Products Affected
sambar
- sambar_server
CWE