Description
Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Secunia Research · textremotemultiple
https://www.exploit-db.com/exploits/26071
References (6)
Core 6
Core References
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/16301
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014624
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/21696
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14473
Patch, Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2005-31/advisory/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/18525
Scores
EPSS
0.0105
EPSS Percentile
77.6%
Details
Status
published
Products (4)
networkactiv/networkactiv_web_server
1.0
networkactiv/networkactiv_web_server
2.0.0.6
networkactiv/networkactiv_web_server
3.0.1.1
networkactiv/networkactiv_web_server
3.5.13
Published
Aug 04, 2005
Tracked Since
Feb 18, 2026