ID |
CVE-2002-1009
|
Summary |
Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 05-09-2008 - 20:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 5211 | bugtraq | 20020711 Lil'HTTP Pbcgi.cgi XSS Vulnerability | xf | lilhttp-pbcgi-xss(9548) |
|
Last major update |
05-09-2008 - 20:29 |
Published |
04-10-2002 - 04:00 |
Last modified |
05-09-2008 - 20:29 |