3 matches found
CVE-2002-1008
CVE-2002-1008 describes a cross-site scripting vulnerability in PowerBASIC urlcount.cgi, included with Lil’ HTTP web server. The flaw allows remote attackers to induce execution of web script in another browser by crafting a request to urlcount.cgi that contains unfiltered script, particularly wh...
CVE-2002-1009
The CVE-2002-1009 issue affects Lil’ HTTP Server (LilHTTP Web Server) via the pbcgi.cgi module. A cross-site scripting vulnerability allows remote attackers to inject and execute arbitrary web scripts in users’ browsers by supplying malicious input in the Name or E-mail parameters. This is a netw...
CVE-2002-0304
Lil HTTP Server 2.1 is affected by a path traversal vulnerability that lets remote attackers read password-protected files by including a /./ sequence in the HTTP request. The available documents confirm the affected product and the vulnerable behavior but do not provide details on attacker explo...