CVE-2004-1935

SCT Corporation Campus Pipeline - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via onload, onmouseover, and other Javascript events in an e-mail attachment.

Exploits (1)

exploitdb WORKING POC VERIFIED

by spiffomatic 64 · htmlwebappsphp

https://www.exploit-db.com/exploits/24008

View Code ZIP pw:eip

References (4)

[Exploit, Patch, Vendor Advisory] http://secunia.com/advisories/11396

[Mailing List] http://marc.info/?l=bugtraq&m=108207280917231&w=2

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/10154

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15878

Scores

EPSS 0.0065

EPSS Percentile 70.8%

Details

Status published

Products (7)

sct_corporation/campus_pipeline 1.0

sct_corporation/campus_pipeline 2.0

sct_corporation/campus_pipeline 2.1

sct_corporation/campus_pipeline 2.2

sct_corporation/campus_pipeline 3.0

sct_corporation/campus_pipeline 3.1

sct_corporation/campus_pipeline 3.2

Published Apr 15, 2004

Tracked Since Feb 18, 2026