header-logo
Suggest Exploit
vendor:
WebcamXP
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: WebcamXP
Affected Version From: 01.06.0945
Affected Version To: Unknown
Patch Exists: YES
Related CWE: N/A
CPE: a:webcamxp:webcamxp:1.06.945
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2004

WebcamXP Cross-Site Scripting Vulnerability

It has been reported that WebcamXP may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. It has been reported that HTML and script code may be parsed via a malicious URI. Successful exploitation of this attack may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9465/info

It has been reported that WebcamXP may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. It has been reported that HTML and script code may be parsed via a malicious URI.

Successful exploitation of this attack may allow an attacker to steal cookie-based authentication credentials. Other attacks are also possible. 

WebcamXP version 1.06.945 has been identified as vulnerable, however, other versions could be affected as well.

http://www.example.com/<script>alert('XSS')</script>

Navigation

Suggest Exploit

Services By CQR