Vulnerabilities > CVE-2002-1493 - HTML Injection vulnerability in Lycos HTMLGear guestGear CSS

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
lycos
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.

Vulnerable Configurations

Part Description Count
Application
Lycos
1

Exploit-Db

descriptionLycos HTMLGear guestGear CSS HTML Injection Vulnerability. CVE-2002-1493. Webapps exploit for cgi platform
idEDB-ID:21802
last seen2016-02-02
modified2002-09-17
published2002-09-17
reporterMatthew Murphy
sourcehttps://www.exploit-db.com/download/21802/
titleLycos HTMLGear guestGear CSS HTML Injection Vulnerability