OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting
| EKU-ID: 27254 | CVE: CVE-2002-1455;OSVDB-9217 | OSVDB-ID: |
| Author: Matthew Murphy | Published: 2002-08-26 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27254 | CVE: CVE-2002-1455;OSVDB-9217 | OSVDB-ID: |
| Author: Matthew Murphy | Published: 2002-08-26 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/5568/info Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD. In particular, test.shtml and test.php contain errors. This type of vulnerability may be used to steal cookies or perform other web-based attacks. http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x