This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentications and launch further attacks. Impact Level: Application
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Ecava IntegraXor versions prior to 3.60 (Build 4080).
- Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
- HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
- Apache Tomcat HTTP NIO Denial Of Service Vulnerability (Windows)
- IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability
- Herberlin Bremsserver Directory Traversal Vulnerability