Vulnerabilities > CVE-2004-2447 - Unspecified vulnerability in 1ST Class Internet Solutions 1ST Class Mail Server 4.01
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN 1st-class-internet-solutions
exploit available
Summary
Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description 1st Class Mail Server 4.0 1 general.tagz XSS. CVE-2004-2447 . Webapps exploit for cgi platform id EDB-ID:23940 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23940/ title 1st Class Mail Server 4.0 1 general.tagz XSS description 1st Class Mail Server 4.0 1 Index XSS. CVE-2004-2447. Webapps exploit for cgi platform id EDB-ID:23938 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23938/ title 1st Class Mail Server 4.0 1 Index XSS description 1st Class Mail Server 4.0 1 advanced.tagz XSS. CVE-2004-2447 . Webapps exploit for cgi platform id EDB-ID:23941 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23941/ title 1st Class Mail Server 4.0 1 advanced.tagz XSS description 1st Class Mail Server 4.0 1 viewmail.tagz XSS. CVE-2004-2447. Webapps exploit for cgi platform id EDB-ID:23937 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23937/ title 1st Class Mail Server 4.0 1 viewmail.tagz XSS description 1st Class Mail Server 4.0 1 list.tagz XSS. CVE-2004-2447 . Webapps exploit for cgi platform id EDB-ID:23942 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23942/ title 1st Class Mail Server 4.0 1 list.tagz XSS description 1st Class Mail Server 4.0 1 members.tagz XSS. CVE-2004-2447. Webapps exploit for cgi platform id EDB-ID:23939 last seen 2016-02-02 modified 2004-04-08 published 2004-04-08 reporter dr_insane source https://www.exploit-db.com/download/23939/ title 1st Class Mail Server 4.0 1 members.tagz XSS
References
- http://secunia.com/advisories/11330
- http://secunia.com/advisories/11330
- http://securitytracker.com/alerts/2004/Apr/1009705.html
- http://securitytracker.com/alerts/2004/Apr/1009705.html
- http://www.osvdb.org/5012
- http://www.osvdb.org/5012
- http://www.osvdb.org/5013
- http://www.osvdb.org/5013
- http://www.osvdb.org/5014
- http://www.osvdb.org/5014
- http://www.osvdb.org/5015
- http://www.osvdb.org/5015
- http://www.osvdb.org/5016
- http://www.osvdb.org/5016
- http://www.osvdb.org/5017
- http://www.osvdb.org/5017
- http://www.securityfocus.com/bid/10089
- http://www.securityfocus.com/bid/10089
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15815
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15815