Vulnerabilities > CVE-2002-1036 - Cross-Site Scripting vulnerability in Fluid Dynamics Search Engine

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

zoltan-milosevic

exploit available

NVD

Published: 2002-10-04

Updated: 2008-09-05

Summary

Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.

Vulnerable Configurations

Part	Description	Count
Application	Zoltan_Milosevic Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0050 Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0051 Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0052 Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0053 Zoltan Milosevic Fluid Dynamics Search Engine 2.0.0.0054	5

Exploit-Db

description	Fluid Dynamics Search Engine 2.0 Cross Site Scripting Vulnerability. CVE-2002-1036. Webapps exploit for cgi platform
id	EDB-ID:21609
last seen	2016-02-02
modified	2002-07-10
published	2002-07-10
reporter	VALDEUX
source	https://www.exploit-db.com/download/21609/
title	Fluid Dynamics Search Engine 2.0 - Cross-Site Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References