Lucene search
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.COOLPHP_XSS.NASLHistoryOct 18, 2004 - 12:00 a.m.
CoolPHP 1.0 Multiple Vulnerabilities
2004-10-1800:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.028 Low
EPSS
Percentile
90.8%
The remote host is running the CoolPHP Content Management system.
There are various flaws in the remote version of this software which may allow an attacker to read arbitrary files on the remote host or to set up a cross-site scripting attack.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if(description)
{
script_id(15506);
script_version("1.23");
script_cve_id("CVE-2004-1599", "CVE-2004-1601");
script_bugtraq_id(11437);
script_name(english:"CoolPHP 1.0 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote web server is running an application that is vulnerable to
multiple flaws." );
script_set_attribute(attribute:"description", value:
"The remote host is running the CoolPHP Content Management system.
There are various flaws in the remote version of this software which
may allow an attacker to read arbitrary files on the remote host or to
set up a cross-site scripting attack." );
script_set_attribute(attribute:"solution", value:
"None at this time." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
script_set_attribute(attribute:"plugin_publication_date", value: "2004/10/18");
script_set_attribute(attribute:"vuln_publication_date", value: "2004/10/16");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_summary(english:"Checks for CoolPHP");
script_category(ACT_ATTACK);
script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english: "CGI abuses");
script_dependencie("http_version.nasl", "cross_site_scripting.nasl");
script_require_ports("Services/www", 80);
script_exclude_keys("Settings/disable_cgi_scanning");
script_require_keys("Settings/ParanoidReport", "www/PHP");
exit(0);
}
# The script code starts here
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
port = get_http_port(default:80);
if(!get_port_state(port))exit(0);
if(get_kb_item(string("www/", port, "/generic_xss"))) exit(0);
if(!can_host_php(port:port))exit(0);
test_cgi_xss(port: port, cgi: '/index.php',
qs: "op=userinfo&nick=<script>foo</script>",
pass_str: "<script>foo</script>");
Related
cve
cve
CVE-2004-1599
2005-02-20 05:00:00
CVE-2004-1601
2005-02-20 05:00:00
nvd
nvd
CVE-2004-1599
2004-10-16 04:00:00
CVE-2004-1601
2004-10-16 04:00:00
cvelist
cvelist
CVE-2004-1599
2005-02-20 05:00:00
CVE-2004-1601
2005-02-20 05:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.028 Low
EPSS
Percentile
90.8%
Related for COOLPHP_XSS.NASL