CVE-2008-1283

Neptune Web Server 3.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page.

Exploits (1)

exploitdb WORKING POC VERIFIED

by NetJackal · textremotemultiple

https://www.exploit-db.com/exploits/31362

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/28148

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41089

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/489282/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/3725

Scores

EPSS 0.0348

EPSS Percentile 87.4%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

silver-forge/neptune_web_server

Timeline

Published Mar 11, 2008

Tracked Since Feb 18, 2026