Vulnerability Description
Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Summit Computer Networks | Lil Http Server | 2.1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0112.html
- http://www.iss.net/security_center/static/9548.phpVendor Advisory
- http://www.securityfocus.com/bid/5211ExploitVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0112.html
- http://www.iss.net/security_center/static/9548.phpVendor Advisory
- http://www.securityfocus.com/bid/5211ExploitVendor Advisory
FAQ
What is CVE-2002-1009?
CVE-2002-1009 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2)...
How severe is CVE-2002-1009?
CVE-2002-1009 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1009?
Check the references section above for vendor advisories and patch information. Affected products include: Summit Computer Networks Lil Http Server.