Lucene search

[email protected]CVE-2002-0958

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0958

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-0958

cross-site scripting

browse.php

php(reactor) 1.2.7

remote attackers

script execution

7.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON

Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section.

CPENameOperatorVersion
ekilat_llc:php\(reactor\)ekilat llc php\(reactor\)eq1.2.7

CPE	Name	Operator	Version
ekilat_llc:php\(reactor\)	ekilat llc php\(reactor\)	eq	1.2.7

References

archives.neohapsis.com/archives/bugtraq/2002-06/0034.html

sourceforge.net/project/shownotes.php?release_id=91877

www.iss.net/security_center/static/9280.php

www.securityfocus.com/bid/4952

7.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

JSON