CVE-2004-2564 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows and possibly other versions on Linux allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.

Reference

http://secunia.com/advisories/11748 http://securitytracker.com/id?1010353 http://www.oliverkarow.de/research/sambar.txt http://www.osvdb.org/6583 http://www.osvdb.org/6584 http://www.securityfocus.com/bid/10444 https://exchange.xforce.ibmcloud.com/vulnerabilities/16286