CVE-2002-1009

Summit Computer Networks Lil HTTP Server - XSS

Title source: rule

Description

Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Matthew Murphy · textremotewindows

https://www.exploit-db.com/exploits/21611

View Code ZIP pw:eip

References (3)

Core 3

Core References

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/9548.php

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5211

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-07/0112.html

Scores

EPSS 0.0306

EPSS Percentile 86.8%

Details

Status published

Products (2)

summit_computer_networks/lil_http_server 2.1

summit_computer_networks/lil_http_server 2.2

Published Oct 04, 2002

Tracked Since Feb 18, 2026