Vulnerabilities > CVE-2002-1703 - Cross-Site Scripting vulnerability in Mewsoft Netauction 3.0

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

mewsoft

exploit available

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.

Vulnerable Configurations

Part	Description	Count
Application	Mewsoft Mewsoft Netauction 3.0	1

Exploit-Db

description	Mewsoft NetAuction 3.0 Cross Site Scripting Vulnerability. CVE-2002-1703. Webapps exploit for cgi platform
id	EDB-ID:21553
last seen	2016-02-02
modified	2002-06-14
published	2002-06-14
reporter	windows-1256
source	https://www.exploit-db.com/download/21553/
title	Mewsoft NetAuction 3.0 - Cross-Site Scripting Vulnerability

References

http://online.securityfocus.com/archive/1/277049
http://www.securityfocus.com/bid/5023
https://exchange.xforce.ibmcloud.com/vulnerabilities/9365