Vulnerabilities > CVE-2002-1497 - Cross-Site Scripting vulnerability in NullLogic Null HTTPd Error Page

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

nulllogic

exploit available

NVD

Published: 2003-04-02

Updated: 2018-05-03

Summary

Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response.

Vulnerable Configurations

Part	Description	Count
Application	Nulllogic Nulllogic Null Httpd *	1

Exploit-Db

description	NullLogic Null HTTPd 0.5 Error Page Cross-Site Scripting Vulnerability. CVE-2002-1497 . Remote exploits for multiple platform
id	EDB-ID:21767
last seen	2016-02-02
modified	2002-09-02
published	2002-09-02
reporter	Matthew Murphy
source	https://www.exploit-db.com/download/21767/
title	NullLogic Null HTTPd 0.5 Error Page Cross-Site Scripting Vulnerability

References

http://freshmeat.net/releases/97910/
http://www.securityfocus.com/bid/5603
https://exchange.xforce.ibmcloud.com/vulnerabilities/10004