CVE-2002-1036

Published Oct 4, 2002

Last updated 16 years ago

CVSS info 7.5

Overview

Description: Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0050:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "503363CE-4E59-4566-B3BD-52C52F93E3BF"
          },
          {
            "criteria": "cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0051:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43439D3B-6DE3-448D-B4EB-ACDE0B1F3376"
          },
          {
            "criteria": "cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0052:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D04303A-99D8-4426-B5D4-BB07D7D34DB4"
          },
          {
            "criteria": "cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0053:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C815D6F3-8E27-4000-9C91-2B5762D15FB1"
          },
          {
            "criteria": "cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0054:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B746096-50EA-49D0-BCEB-F56E6EEB4B80"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References