Lucene search

[email protected]NVD:CVE-2002-1845

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1845

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

70.5%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter.

Affected configurations

Nvd

Node

yabbyabbMatch1.40

yabbyabbMatch1.41

VendorProductVersionCPE
yabbyabb1.40cpe:2.3:a:yabb:yabb:1.40:*:*:*:*:*:*:*
yabbyabb1.41cpe:2.3:a:yabb:yabb:1.41:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
yabb	yabb	1.40	cpe:2.3:a:yabb:yabb:1.40:::::::*
yabb	yabb	1.41	cpe:2.3:a:yabb:yabb:1.41:::::::*

References

online.securityfocus.com/archive/1/296121

www.iss.net/security_center/static/10406.php

www.securityfocus.com/bid/6004

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

70.5%

JSON

Related for NVD:CVE-2002-1845

cvelist1 cve1 exploitdb1