This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentications and launch further attacks. Impact Level: Application
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Ecava IntegraXor versions prior to 3.60 (Build 4080).
- bozotic HTTP server Information Disclosure Vulnerability
- Acritum Femitter Server URI Directory Traversal Vulnerability
- Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)
- Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
- bozohttpd Security Bypass Vulnerability