Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1036

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1036
Last Modified 05 Sep 2008 04:29:36
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1036

Summary

Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.

Vulnerable Systems

Application

  • Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0050

  • Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0051

  • Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0052

  • Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0053

  • Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0054


References

BID - 5199

XF - fd-search-xss(9533)

CONFIRM - http://www.xav.com/scripts/search/changes.htm#4

BUGTRAQ - 20020710 XSS Hole in Fluid Dynamics search Engine

BUGTRAQ - 20020710 RE: XSS Hole in Fluid Dynamics Search engine


Last Updated: 27 May 2016 10:37:10