Vulnerabilities > CVE-2004-2618 - Input Validation vulnerability in Pegasi web Server Pegasi web Server 0.2.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Pegasi Web Server 0.2.2 Error Page XSS. CVE-2004-2618. Remote exploit for linux platform |
| id | EDB-ID:23803 |
| last seen | 2016-02-02 |
| modified | 2004-03-11 |
| published | 2004-03-11 |
| reporter | Donato Ferrante |
| source | https://www.exploit-db.com/download/23803/ |
| title | Pegasi Web Server 0.2.2 Error Page XSS |
References
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0109.html
- http://archives.neohapsis.com/archives/bugtraq/2004-03/0136.html
- http://secunia.com/advisories/11122
- http://sourceforge.net/forum/forum.php?forum_id=359660
- http://www.autistici.org/fdonato/advisory/pws0.2.2-adv.txt
- http://www.osvdb.org/4255
- http://www.securityfocus.com/bid/9847
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15436