Vulnerabilities > CVE-2002-2192 - Cross-Site Scripting vulnerability in Perception Liteserve 2.0.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
perception
exploit available
NVD
Published: 2002-12-31
Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders. This vulnerability is limited to server configurations with Wildcard DNS enabled.

Vulnerable Configurations

Part Description Count
Application
Perception
1

Exploit-Db

  • descriptionPerception LiteServe 2.0.1 DNS Wildcard Cross Site Scripting Vulnerability. CVE-2002-2192. Remote exploit for windows platform
    idEDB-ID:21997
    last seen2016-02-02
    modified2002-11-08
    published2002-11-08
    reporterMatthew Murphy
    sourcehttps://www.exploit-db.com/download/21997/
    titlePerception LiteServe 2.0.1 DNS Wildcard Cross-Site Scripting Vulnerability
  • descriptionPerception LiteServe 2.0.1 Directory Query String Cross Site Scripting Vulnerability. CVE-2002-2192. Remote exploit for windows platform
    idEDB-ID:21999
    last seen2016-02-02
    modified2002-11-08
    published2002-11-08
    reporterMatthew Murphy
    sourcehttps://www.exploit-db.com/download/21999/
    titlePerception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting Vulnerability

References