Vulnerabilities > CVE-2004-2564 - Multiple vulnerability in Sambar Server 6.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
sambar
exploit available
NVD
Published: 2004-12-31
Updated: 2017-07-11

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.

Vulnerable Configurations

Part Description Count
Application
Sambar
1

Exploit-Db

  • descriptionSambar Server 6.1 beta 2 showperf.asp title Parameter XSS. CVE-2004-2564. Remote exploit for windows platform
    idEDB-ID:24162
    last seen2016-02-02
    modified2004-06-01
    published2004-06-01
    reporterOliver Karow
    sourcehttps://www.exploit-db.com/download/24162/
    titleSambar Server 6.1 beta 2 showperf.asp title Parameter XSS
  • descriptionSambar Server 6.1 beta 2 show.asp show Parameter XSS. CVE-2004-2564. Remote exploit for windows platform
    idEDB-ID:24161
    last seen2016-02-02
    modified2004-06-01
    published2004-06-01
    reporterOliver Karow
    sourcehttps://www.exploit-db.com/download/24161/
    titleSambar Server 6.1 beta 2 show.asp show Parameter XSS

References