CVE-2002-2192

Perception LiteServe 2.0.1 - Cross-Site Scripting via Host Header or Directory Query String

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-2192. PoCs published by Matthew Murphy.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Perception LiteServe when Wildcard DNS is enabled. The malicious link injects HTML and script code into the requested hostname, which executes in the victim's browser.

Description

Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Matthew Murphy · textremotewindows
https://www.exploit-db.com/exploits/21997

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Perception LiteServe when Wildcard DNS is enabled. The malicious link injects HTML and script code into the requested hostname, which executes in the victim's browser.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Perception LiteServe v2.01
No auth needed
Prerequisites: Wildcard DNS enabled on the target server
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Matthew Murphy · textremotewindows
https://www.exploit-db.com/exploits/21999

The provided text describes a cross-site scripting (XSS) vulnerability in Perception LiteServe, where query strings in indexed folders are not properly sanitized. The exploit involves crafting malicious URLs with encoded HTML and script code to execute arbitrary JavaScript in the context of the victim's browser.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Perception LiteServe
No auth needed
Prerequisites: Victim must click on a malicious link
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6131
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/298987
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10561.php
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6143
Exploit mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0063.html

Scores

EPSS 0.0369
EPSS Percentile 88.3%

Details

Status published
Products (1)
perception/liteserve 2.0.1
Published Dec 31, 2002
Tracked Since Feb 18, 2026