This host is installed with Ecava IntegraXor and is prone to cross site scripting vulnerabilities.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow an attacker to steal cookie-based authentications and launch further attacks. Impact Level: Application
Upgrade to the Ecava IntegraXor version 3.60 (Build 4080) or later, For updates refer to http://www.ecava.com/index.htm
The flaws are caused by improper validation of user-supplied input passed via unspecified vectors, which allows attackers to execute arbitrary HTML and script code on the web server.
Ecava IntegraXor versions prior to 3.60 (Build 4080).
- bozohttpd Security Bypass Vulnerability
- Apache mod_include priviledge escalation
- Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
- IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability