Vulnerabilities > CVE-2004-1512 - Unspecified vulnerability in Soft3304 04Webserver 1.42
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN soft3304
nessus
Summary
Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Web Servers |
| NASL id | 04WEBSERVER.NASL |
| description | The remote host is running a version of 04WebServer which is older than version 1.5. Such versions are affected by multiple vulnerabilities : - A cross-site scripting vulnerability in the Response_default.html script which could allow an attacker to execute arbitrary code in the user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15713 |
| published | 2004-11-13 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/15713 |
| title | 04WebServer Multiple Vulnerabilities (XSS, DoS, more) |
References
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/
- http://secunia.com/advisories/13159/
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.securityfocus.com/bid/11652
- http://www.securityfocus.com/bid/11652
- http://www.soft3304.net/04WebServer/Security.html
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18033
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18033