Users login

Create an account »


Users login

Home » Hacking News » ht://Dig htsearch Cross Site Scripting Vulnerability

ht://Dig htsearch Cross Site Scripting Vulnerability

by Nikola Strahija on June 27th, 2002 ht://Dig is a freely available, open source search engine. It is developed and maintained by the ht://Dig project, and functions on the Unix and Linux operating systems. When a user submits a search request using ht://Dig, user supplied input is not sufficiently sanitized. Malicious URLs may cause arbitrary script code to be included in HTML generated by htsearch.cgi.

This could allow for the execution of malicious code in the context of the site.

Remote: Yes

Exploit: No

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »