CVE-2003-1547
published 2003-12-31CVE-2003-1547: Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.22%
65.0th percentile
Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection
exploitdb·2008-10-15
CVE-2008-1547 Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection
Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection
---
source: https://www.securityfocus.com/bid/31765/info
Outlook Web Access is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.
A successful exploit may aid in phishing attacks.
OWA 6.5 SP 2 is vulnerable; other versions may also be affected.
https://webmail.example.com/exchweb/bin/redir.asp?URL=http://www.example2.com
https://webmail.example.com/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttp%3A%2F%2Fwww.example2.com&reason=0
Nuclei
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
nuclei·CVSS 4.3
CVE-2008-1547 [MEDIUM] Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
Template:
id: CVE-2008-1547
info:
name: Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
author: ctflearner
severity: medium
description: |
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
impact: |
An attacker can exploit this
No writeups or analysis indexed.
http://secunia.com/advisories/8478http://securityreason.com/securityalert/3718http://www.securityfocus.com/archive/1/316925/30/25250/threadedhttp://www.securityfocus.com/archive/1/317230/30/25220/threadedhttp://www.securityfocus.com/bid/7248https://exchange.xforce.ibmcloud.com/vulnerabilities/11675http://secunia.com/advisories/8478http://securityreason.com/securityalert/3718http://www.securityfocus.com/archive/1/316925/30/25250/threadedhttp://www.securityfocus.com/archive/1/317230/30/25220/threadedhttp://www.securityfocus.com/bid/7248https://exchange.xforce.ibmcloud.com/vulnerabilities/11675
2003-12-31
Published