Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: bt1364.txt

Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability





Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
---------------------------------------------------------------

There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.

Requesting a non existing URL will give a "404 Not Found" answer,
containing the requested URL. It is not checked if the URL contains
script code.

Exploiting:
-----------
http://webserver/<script>alert("bang")</script>

Vendor:
-------
http://www.fastream.com/NETFileServer

Credit:
-------
Oliver.Karow[AT]gmx.de
www.oliverkarow.de
28.10.2003


-- 
NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien...
Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService

Jetzt kostenlos anmelden unter http://www.gmx.net

+++ GMX - die erste Adresse für Mail, Message, More! +++


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH