Vulnerabilities > CVE-2004-1100 - Cross-Site Scripting vulnerability in Tips Mailpost 5.1.1Sv

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
tips
exploit available
NVD
Published: 2005-01-10
Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter. Successful exploitation requires that debug mode is enabled.

Vulnerable Configurations

Part Description Count
Application
Tips
1

Exploit-Db

descriptionTIPS MailPost 5.1.1 APPEND Variable Cross-Site Scripting Vulnerability. CVE-2004-1100. Webapps exploit for cgi platform
idEDB-ID:24721
last seen2016-02-02
modified2004-11-03
published2004-11-03
reporterProcheckup
sourcehttps://www.exploit-db.com/download/24721/
titleTIPS MailPost 5.1.1 APPEND Variable Cross-Site Scripting Vulnerability

References