Computer Security
[EN] securityvulns.ru no-pyccku


Nullsoft Shoutcast Server crossite scripting
Published:28.02.2007
Source:
SecurityVulns ID:7311
Type:remote
Threat Level:
5/10
Description:Crossite scripting with web administration log.
Affected:NULLSOFT : Shoutcast Server 1.9
CVE:CVE-2007-1229 (Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when viewing the log file.)
Original documentdocumentSaMuschie, Nullsoft ShoutcastServer Persistant XSS - 0day (28.02.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod