Vulnerability Details CVE-2014-9606
Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.094
EPSS Ranking 92.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2014-9606
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.1
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.10
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.11
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.12
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.13
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.14
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.15
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.16
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.2
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.4
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.5
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.6
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.7
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.8
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.9
-
cpe:2.3:a:netsweeper:netsweeper:3.0.0
-
cpe:2.3:a:netsweeper:netsweeper:3.0.1
-
cpe:2.3:a:netsweeper:netsweeper:3.0.2
-
cpe:2.3:a:netsweeper:netsweeper:3.0.3
-
cpe:2.3:a:netsweeper:netsweeper:3.0.4
-
cpe:2.3:a:netsweeper:netsweeper:3.0.5
-
cpe:2.3:a:netsweeper:netsweeper:3.0.6
-
cpe:2.3:a:netsweeper:netsweeper:3.0.7
-
cpe:2.3:a:netsweeper:netsweeper:3.0.8
-
cpe:2.3:a:netsweeper:netsweeper:3.0.9
-
cpe:2.3:a:netsweeper:netsweeper:3.1.0
-
cpe:2.3:a:netsweeper:netsweeper:3.1.1
-
cpe:2.3:a:netsweeper:netsweeper:3.1.2
-
cpe:2.3:a:netsweeper:netsweeper:3.1.3
-
cpe:2.3:a:netsweeper:netsweeper:3.1.4
-
cpe:2.3:a:netsweeper:netsweeper:3.1.5
-
cpe:2.3:a:netsweeper:netsweeper:3.1.6
-
cpe:2.3:a:netsweeper:netsweeper:3.1.7
-
cpe:2.3:a:netsweeper:netsweeper:3.1.8
-
cpe:2.3:a:netsweeper:netsweeper:3.1.9
-
cpe:2.3:a:netsweeper:netsweeper:4.0.0
-
cpe:2.3:a:netsweeper:netsweeper:4.0.1
-
cpe:2.3:a:netsweeper:netsweeper:4.0.2
-
cpe:2.3:a:netsweeper:netsweeper:4.0.3
-
cpe:2.3:a:netsweeper:netsweeper:4.0.4
-
cpe:2.3:a:netsweeper:netsweeper:4.0.5
-
cpe:2.3:a:netsweeper:netsweeper:4.0.6
-
cpe:2.3:a:netsweeper:netsweeper:4.0.7
-
cpe:2.3:a:netsweeper:netsweeper:4.0.8
-
cpe:2.3:a:netsweeper:netsweeper:4.1.0
-
cpe:2.3:a:netsweeper:netsweeper:4.1.1