QwikSec

Security Database

CVE

CWE

Training

CVE-2001-0835

Published: Nov 22, 2001

Modified: Aug 8, 2024

PUBLISHED

Description

Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

http://www.mrunix.net/webalizer/news.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

SuSE-SA:2001:040

vendor-advisory

x_refsource_SUSE

ESA-20011101-01

vendor-advisory

x_refsource_ENGARDE

webalizer-html-tags-keywords(7351)

vdb-entry

x_refsource_XF

webalizer-html-tag-host(7350)

vdb-entry

x_refsource_XF

vendor-advisory

x_refsource_REDHAT

20011024 Cross-site Scripting Flaw in webalizer

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.