MidnightBSD

Advisories for networkactiv

CVE-2005-2453 MEDIUM

Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
networkactiv networkactiv_web_server 3.5.13
networkactiv networkactiv_web_server 1.0
networkactiv networkactiv_web_server 3.0.1.1
networkactiv networkactiv_web_server 2.0.0.6
CVE-2006-0815 MEDIUM

NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
networkactiv networkactiv_web_server 3.5.15