Vulnerabilities > CVE-2004-2096 - Cross-Site Scripting vulnerability in Mephistoles Internet Suite Mephistoles Httpd 0.6Final/0.6P1/0.6P2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
mephistoles-internet-suite
exploit available
NVD
Published: 2004-12-31
Updated: 2017-07-11

Summary

Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL.

Vulnerable Configurations

Part Description Count
Application
Mephistoles_Internet_Suite
3

Exploit-Db

descriptionMephistoles HTTPD 0.6 Cross-Site Scripting Vulnerability. CVE-2004-2096 . Remote exploits for multiple platform
idEDB-ID:23564
last seen2016-02-02
modified2004-01-21
published2004-01-21
reporterDonato Ferrante
sourcehttps://www.exploit-db.com/download/23564/
titleMephistoles HTTPD 0.6 - Cross-Site Scripting Vulnerability

References