CVE-2002-0681

GoAhead Web Server 2.1 - Cross-Site Scripting via 404 Error Page

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0681. PoCs published by Matt Moore.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in GoAhead WebServer 2.1, where unsanitized URLs in 404 error pages can execute malicious script code. The example URL demonstrates the attack vector but does not include functional exploit code.

Description

Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Matt Moore · textremotewindows

https://www.exploit-db.com/exploits/21608

View Code ZIP pw:eip

The provided text describes a cross-site scripting (XSS) vulnerability in GoAhead WebServer 2.1, where unsanitized URLs in 404 error pages can execute malicious script code. The example URL demonstrates the attack vector but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: GoAhead WebServer 2.1

No auth needed

Prerequisites: User interaction required to follow a malicious link

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5198

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/81099

Vendor Advisory mailing-list x_refsource_vulnwatch

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0013.html

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/9518.php

Release Notes x_refsource_confirm

http://freecode.com/projects/embedthis-goahead-webserver/releases/343539

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=102631742711795&w=2

Scores

EPSS 0.0834

EPSS Percentile 94.2%

Details

Status published

Products (5)

goahead_software/goahead_webserver 2.1.1

goahead_software/goahead_webserver 2.1.2

goahead_software/goahead_webserver 2.1.3

goahead_software/goahead_webserver 2.1.4

goahead_software/goahead_webserver 2.1.5

Published Jul 23, 2002

Tracked Since Feb 18, 2026