English | Deutsch | Español | Português
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
    Search 84396 CVE descriptions
and 44666 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Web application abuses
Title:ViewCVS XSS
Summary:Checks for the version of ViewCVS
The remote host seems to be running ViewCVS, an open source CGI written in
python designed to access CVS directories using a web interface.

The remote version of this software is vulnerable to many cross-site scripting
flaws though the script 'viewcvs'.

Using a specially crafted URL, an attacker can cause arbitrary code execution
for third party users, thus resulting in a loss of integrity of their system.

Solution : Update to the latest version of this software
See also: http://viewcvs.sourceforge.net/
Cross-Ref: BugTraq ID: 4818
Common Vulnerability Exposure (CVE) ID: CVE-2002-0771
Bugtraq: 20020518 cross-site scripting bug of ViewCVS (Google Search)
CopyrightThis script is Copyright (C) 2004 David Maciejak

This is only one of 44666 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
Registered User Login

 Forgot userid or passwd?

Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2015 E-Soft Inc. All rights reserved.