Description
Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Matthew Murphy · textremotewindows
https://www.exploit-db.com/exploits/21997
exploitdb
WRITEUP
VERIFIED
by Matthew Murphy · textremotewindows
https://www.exploit-db.com/exploits/21999
References (5)
Core 5
Core References
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6131
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/298987
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10561.php
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6143
Exploit mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0063.html
Scores
EPSS
0.0100
EPSS Percentile
77.1%
Details
Status
published
Products (1)
perception/liteserve
2.0.1
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026