This host is running F*EX (Frams's Fast File EXchange) and is prone to multiple cross site scripting vulnerabilities.
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Impact Level: Application
Upgrade to Frams' Fast File EXchange version 20111129-2 or later For updates refer to http://fex.rus.uni-stuttgart.de/index.html
The inputs passed via 'to','from' and 'id' parameter to 'fup' is not properly validated, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Frams' Fast File EXchange versions before 20111129-2
Updated on 2015-03-25
- Kolibri Webserver 'HEAD' Request Processing Buffer Overflow Vulnerability
- Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
- Cherokee Web Server Malformed Packet Remote Denial of Service Vulnerability
- Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability