Vulnerability Description
Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zoltan Milosevic | Fluid Dynamics Search Engine | 2.0.0.0050 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
- http://www.iss.net/security_center/static/9533.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5199ExploitPatchVendor Advisory
- http://www.xav.com/scripts/search/changes.htm#4
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
- http://www.iss.net/security_center/static/9533.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5199ExploitPatchVendor Advisory
- http://www.xav.com/scripts/search/changes.htm#4
FAQ
What is CVE-2002-1036?
CVE-2002-1036 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
How severe is CVE-2002-1036?
CVE-2002-1036 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1036?
Check the references section above for vendor advisories and patch information. Affected products include: Zoltan Milosevic Fluid Dynamics Search Engine.