RSS   Vulnerabilities for 'I-httpd'   RSS

2014-12-11
 
CVE-2014-7263

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261.

 
 
CVE-2014-7262

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.

 
 
CVE-2014-7261

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263.

 
 
CVE-2014-7260

CWE-94
 

 
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives.

 


Copyright 2024, cxsecurity.com

 

Back to Top