CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-1511

Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/10023
http://securityreason.com/securityalert/3306
http://www.geocities.com/gzhangx/websrv/docs/security.html
http://www.securityfocus.com/archive/1/341452
http://www.securityfocus.com/bid/8841
http://secunia.com/advisories/10023
http://securityreason.com/securityalert/3306
http://www.geocities.com/gzhangx/websrv/docs/security.html
http://www.securityfocus.com/archive/1/341452
http://www.securityfocus.com/bid/8841

Products affected by CVE-2003-1511

Bajie » Java Http Server » Version: 0.95

cpe:2.3:a:bajie:java_http_server:0.95

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1511

Products

Pricing

Contact Us