Lucene search

[email protected]CVE-2002-1680

HistoryJun 21, 2005 - 4:00 a.m.

CVE-2002-1680

2005-06-2104:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1680

cross-site scripting

xss

cgi

online worldweb shopping 1.1

cows

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.

Affected configurations

NVD

Node

cowscgi_online_worldweb_shoppingMatch1.1

CPENameOperatorVersion
cows:cgi_online_worldweb_shoppingcows cgi online worldweb shoppingeq1.1

CPE	Name	Operator	Version
cows:cgi_online_worldweb_shopping	cows cgi online worldweb shopping	eq	1.1

References

online.securityfocus.com/archive/82/251570

www.securityfocus.com/bid/3914

www.securityfocus.com/bid/3921

exchange.xforce.ibmcloud.com/vulnerabilities/7986

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

JSON

Related for CVE-2002-1680

cvelist1 nvd1