header-logo
Suggest Exploit
vendor:
htmltonuke
by:
SecurityFocus
9.3
CVSS
HIGH
htmltonuke Remote Code Execution
94
CWE
Product Name: htmltonuke
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: CVE-2002-1490
CPE: o:htmltonuke:htmltonuke:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2002

htmltonuke Remote Code Execution

A vulnerability has been reported in htmltonuke, a web-based content management system, that may result in web code execution in the browser of visiting users. This code would be executed in the security context of the site hosting the vulnerable script. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to a user. The URL would contain a malicious script that would be executed in the user's browser.

Mitigation:

Upgrade to the latest version of htmltonuke.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8174/info

A vulnerability has been reported in htmltonuke that may result in web code execution in the browser of visiting users. This code would be executed in the security context of the site hosting the vulnerable script.

http://www.example.com/htmltonuke.php?filnavn=[SCRIPT]%20example.html

Navigation

Suggest Exploit

Services By CQR

cqrsecured