CVE-2002-1455
published 2003-06-09CVE-2002-1455: Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2)…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
3.94%
89.1th percentile
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
OmniHTTPd 1.1/2.0.x/2.4 - 'test.php' Sample Application Cross-Site Scripting
exploitdb·2002-08-26
CVE-2002-1455 OmniHTTPd 1.1/2.0.x/2.4 - 'test.php' Sample Application Cross-Site Scripting
OmniHTTPd 1.1/2.0.x/2.4 - 'test.php' Sample Application Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/5568/info
Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD. In particular, test.shtml and test.php contain errors.
This type of vulnerability may be used to steal cookies or perform other web-based attacks.
http://localhost/test.php?%3CSCRIPT%3Ealert%28document.URL%29%3C%2FSCRIPT%3E=x
Exploit-DB
OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting
exploitdb·2002-08-26
CVE-2002-1455 OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting
OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/5568/info
Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD. In particular, test.shtml and test.php contain errors.
This type of vulnerability may be used to steal cookies or perform other web-based attacks.
http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-08/0263.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-08/0264.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-08/0266.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-08/0263.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-08/0264.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-08/0266.html
2003-06-09
Published