This host is running F*EX (Frams's Fast File EXchange) and is prone to multiple cross site scripting vulnerabilities.
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Impact Level: Application
Upgrade to Frams' Fast File EXchange version 20111129-2 or later For updates refer to http://fex.rus.uni-stuttgart.de/index.html
The inputs passed via 'to','from' and 'id' parameter to 'fup' is not properly validated, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Frams' Fast File EXchange versions before 20111129-2
Updated on 2015-03-25
- HServer Webserver Multiple Directory Traversal Vulnerabilities
- Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
- IBM WebSphere Application Server JNDI information disclosure Vulnerability
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities
- CUPS Information Disclosure Vulnerability