4 matches found
CVE-2014-7261
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...
Cross site scripting
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...
CVE-2014-7261
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...
CVE-2014-7261
CVE-2014-7261 affects i-HTTPD (Windows) via a flaw in processing the HTTP header that can lead to cross-site scripting (CWE-79). The connected JVN entry explicitly documents an XSS in the HTTP header handling and notes that this vulnerability is distinct from CVE-2014-7263 (directory-index render...