exploits , vulnerabilities , articles , Centrinity FirstClass HTTP Server TargetName Parameter Cross-Site Scripting Vulnerability

Title	Centrinity FirstClass HTTP Server TargetName Parameter Cross-Site Scripting Vulnerability
Published	2004-03-22-12:00AM
Updated	2004-03-24-03:46PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery is credited to Richard Maudsley <r.i.c.h@btopenworld.com>.
Vulnerable	Centrinity FirstClass 7.1 Centrinity FirstClass 7.0 Centrinity FirstClass 5.77 0 Centrinity FirstClass 5.50 Microsoft Windows NT 4.0
Not Vulnerable
Code	No exploit is required. The following proof of concept has been provided: http://www.example.com/.Templates/Commands/Upload.shtml?TargetName=<script>alert('XSS')</script>
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-04 Rae Media Web Based Contact Management Login SQL Injection Vulnerability
• 2008-12-04 Nagios External Commands and Adaptive Commands Unspecified Vulnerability
• 2008-12-04 Z1Exchange SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 mvnForum Cross Site Scripting Vulnerability
• 2008-12-04 i-Net Solution Orkut Clone SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
• 2008-12-04 Jbook SQL Injection Vulnerability
• 2008-12-04 SquirrelMail Malformed HTML Mail Message HTML Injection Vulnerability
• 2008-12-04 HP-UX Unspecified Local Denial Of Service Vulnerability
• 2008-12-04 Netrw Vim Script Information Disclosure Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 05 Dec 2008 17:36:30 +0000