CVE-2008-1037

EPSS 1.5%

Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/31298unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/29119 http://securityreason.com/securityalert/3701 http://www.securityfocus.com/archive/1/488712/100/0/threaded http://www.securityfocus.com/bid/27982 http://www.securitytracker.com/id?1019501