CVE-2002-1036
Fluid Dynamics Search Engine < 2.0.0.0055 - Cross-Site Scripting via Rank or Match Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1036. PoCs published by VALDEUX.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Fluid Dynamics Search Engine by embedding arbitrary HTML/JavaScript in the search results page via the 'Rank' parameter. The PoC URL triggers a simple XSS payload when processed by the vulnerable application.
Description
Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Fluid Dynamics Search Engine by embedding arbitrary HTML/JavaScript in the search results page via the 'Rank' parameter. The PoC URL triggers a simple XSS payload when processed by the vulnerable application.