header-logo
Suggest Exploit
vendor:
cgitest.html
by:
SecurityFocus
3.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: cgitest.html
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

cgitest.html Cross-Site Scripting Vulnerability

cgitest.html has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the cgitest.html script. This issue could be exploited to cause hostile HTML and script code to be rendered in the browser of a user who is enticed to visit a malicious link to the vulnerable script.

Mitigation:

Input validation and output encoding should be used to prevent cross-site scripting attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8242/info

cgitest.html has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the cgitest.html script.

This issue could be exploited to cause hostile HTML and script code to be rendered in the browser of a user who is enticed to visit a malicious link to the vulnerable script.

http://www.example.com/cgitest.html?<script>wi ndow.location="/cgi-bin/cgitest.exe?|<blahblah>%00";</script>

http://www.example.com/cgitest.html?<script>(document.cookie)</script>

Navigation

Suggest Exploit

Services By CQR