This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentications and launch further attacks. Impact Level: Application
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Ecava IntegraXor versions prior to 3.60 (Build 4080).
- IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability
- IBM WebSphere Application Server Administration Directory Traversal Vulnerability
- HServer Webserver Multiple Directory Traversal Vulnerabilities
- Authentication bypassing in Lotus Domino
- IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities