header-logo
Suggest Exploit
vendor:
Bandmin
by:
SecurityFocus
4.3
CVSS
MEDIUM
Cross-site Scripting
79
CWE
Product Name: Bandmin
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2003-0753
CPE: o:bandmin:bandmin
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2003

Bandmin Cross-site Scripting Vulnerability

Bandmin is vulnerable to cross-site scripting attacks. An attacker can execute malicious scripts in the context of the site hosting Bandmin by enticing a user to follow a malicious link.

Mitigation:

To mitigate this vulnerability, users should ensure that all input is properly sanitized and validated.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7729/info

It has been reported that a cross-site scripting vulnerability exists in Bandmin. Because of this, an attacker may be able to execute script code or HTML in the context of the site hosting Bandmin by enticing a web user to follow a malicious link. 

http://www.example.com/bandwidth/index.cgi?action=showmonth&year=[FIRST SCRIPT]&month=[SECOND SCRIPT]

http://www.example.com/bandwidth/index.cgi?action=showhost&month=May&year=2003&host=[THIRD SCRIPT]

Navigation

Suggest Exploit

Services By CQR