Apache - CVE-2007-6388

Description

Kayran has detected that Cross-site scripting (XSS) can be done in mod_status in the version of the Apache HTTP Server being used.
This vulnerability can be exploited only if mod_status pages are publicly accessible.
Also known as CVE-2007-6388.

If mod_status is enabled and the status pages are publicly accessible, a cross-site scripting attack is possible.
If the server-status page is enabled, remote attackers can inject arbitrary web script or HTML by abusing unspecified vectors.

This vulnerability allow attackers to modify system files and information.

Severity/Score

CVSS Version 2.0 – 4.3 Medium

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

WAF – Web Application Firewall

WAF, which stands for Web Application Firewall, helps protect web-based applications by blocking and preventing many common types of attacks which would otherwise have been

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

Playing Online? Dangers that exist in Online Games

Browser Games? Is it Safe to be Playing Online? What are Dangers that exist in Online Games? Is it better to download and play software

Designing our Web Apps – CSS

The CSS language which are the initials of Cascading Style Sheets, similar to HTML, CSS is not a programming language, it’s belong to a group

Apache – CVE-2007-6388

Description

Severity/Score

Recommendation

References