This host is running F*EX (Frams's Fast File EXchange) and is prone to multiple cross site scripting vulnerabilities.
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Impact Level: Application
Upgrade to Frams' Fast File EXchange version 20111129-2 or later For updates refer to http://fex.rus.uni-stuttgart.de/index.html
The inputs passed via 'to','from' and 'id' parameter to 'fup' is not properly validated, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Frams' Fast File EXchange versions before 20111129-2
Updated on 2015-03-25
- F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities
- LiteSpeed Web Server Source Code Information Disclosure Vulnerability
- Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
- Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
- Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities