Description
Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page.
Exploits
313622008-03-07remoteMultiple
Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting
By NetJackal
References
cve@mitre.org
http://securityreason.com/securityalert/3725cve@mitre.org
http://www.securityfocus.com/bid/28148af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/3725af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/489282/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/28148af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/41089