Vulnerability Details CVE-2014-9606
Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 89.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2014-9606
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.1
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.10
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.11
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.12
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.13
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.14
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.15
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.16
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.2
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.4
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.5
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.6
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.7
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.8
-
cpe:2.3:a:netsweeper:netsweeper:2.6.29.9
-
cpe:2.3:a:netsweeper:netsweeper:3.0.0
-
cpe:2.3:a:netsweeper:netsweeper:3.0.1
-
cpe:2.3:a:netsweeper:netsweeper:3.0.2
-
cpe:2.3:a:netsweeper:netsweeper:3.0.3
-
cpe:2.3:a:netsweeper:netsweeper:3.0.4
-
cpe:2.3:a:netsweeper:netsweeper:3.0.5
-
cpe:2.3:a:netsweeper:netsweeper:3.0.6
-
cpe:2.3:a:netsweeper:netsweeper:3.0.7
-
cpe:2.3:a:netsweeper:netsweeper:3.0.8
-
cpe:2.3:a:netsweeper:netsweeper:3.0.9
-
cpe:2.3:a:netsweeper:netsweeper:3.1.0
-
cpe:2.3:a:netsweeper:netsweeper:3.1.1
-
cpe:2.3:a:netsweeper:netsweeper:3.1.2
-
cpe:2.3:a:netsweeper:netsweeper:3.1.3
-
cpe:2.3:a:netsweeper:netsweeper:3.1.4
-
cpe:2.3:a:netsweeper:netsweeper:3.1.5
-
cpe:2.3:a:netsweeper:netsweeper:3.1.6
-
cpe:2.3:a:netsweeper:netsweeper:3.1.7
-
cpe:2.3:a:netsweeper:netsweeper:3.1.8
-
cpe:2.3:a:netsweeper:netsweeper:3.1.9
-
cpe:2.3:a:netsweeper:netsweeper:4.0.0
-
cpe:2.3:a:netsweeper:netsweeper:4.0.1
-
cpe:2.3:a:netsweeper:netsweeper:4.0.2
-
cpe:2.3:a:netsweeper:netsweeper:4.0.3
-
cpe:2.3:a:netsweeper:netsweeper:4.0.4
-
cpe:2.3:a:netsweeper:netsweeper:4.0.5
-
cpe:2.3:a:netsweeper:netsweeper:4.0.6
-
cpe:2.3:a:netsweeper:netsweeper:4.0.7
-
cpe:2.3:a:netsweeper:netsweeper:4.0.8
-
cpe:2.3:a:netsweeper:netsweeper:4.1.0
-
cpe:2.3:a:netsweeper:netsweeper:4.1.1