Lucene search

[email protected]CVE-2002-1008

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1008

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

cve

2002

1008

cross-site scripting

powerbasic

urlcount.cgi

lil' http

web server

remote attackers

arbitrary web script

web browsers

report capability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil’ HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.

Affected configurations

NVD

Node

summit_computer_networkslil_http_serverMatch2.1

summit_computer_networkslil_http_serverMatch2.2

CPENameOperatorVersion
summit_computer_networks:lil_http_serversummit computer networks lil http servereq2.1
summit_computer_networks:lil_http_serversummit computer networks lil http servereq2.2

CPE	Name	Operator	Version
summit_computer_networks:lil_http_server	summit computer networks lil http server	eq	2.1
summit_computer_networks:lil_http_server	summit computer networks lil http server	eq	2.2

References

archives.neohapsis.com/archives/bugtraq/2002-06/0332.html

archives.neohapsis.com/archives/bugtraq/2002-07/0072.html

www.iss.net/security_center/static/9445.php

www.securityfocus.com/bid/5115

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2002-1008

nvd1 cvelist1