This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentications and launch further attacks. Impact Level: Application
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Ecava IntegraXor versions prior to 3.60 (Build 4080).
- Check for dangerous IIS default files
- IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vulnerability
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)
- lighttpd Slow Request Handling Remote Denial Of Service Vulnerability
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities