CyberSec.Space Logo
CVEブラウザに戻る

CVE-2001-0987

HIGH
7.5
CVSS Severity Score
EPSS Score0.0110%
EPSS Percentile4.93th
Published2001年7月22日
Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.

Affected Platforms (CPE)

📦
Nathan Neulinger

Cgiwrap

<= 3.7

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
🔗 http://cgiwrap.sourceforge.net/changes.html
🔗 http://www.osvdb.org/1909
🔗 http://www.securityfocus.com/bid/3084
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6886
🔗 http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html
🔗 http://cgiwrap.sourceforge.net/changes.html
🔗 http://www.osvdb.org/1909

関連する脆弱性情報

CVE-2005-325410.0

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can pe...

CVE-2000-04317.5

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which a...

CVE-2005-32555.0

The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web documen...

CVE-2006-07675.0

CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in script...