CVE-2002-1036

Zoltan Milosevic Fluid Dynamics Search Engine - XSS

Title source: rule
STIX 2.1

Description

Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by VALDEUX · textwebappscgi
https://www.exploit-db.com/exploits/21609

References (5)

Core 5
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5199
Patch, Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9533.php
Various Sources x_refsource_confirm
http://www.xav.com/scripts/search/changes.htm#4

Scores

EPSS 0.0699
EPSS Percentile 91.5%

Details

Status published
Products (5)
zoltan_milosevic/fluid_dynamics_search_engine 2.0.0.0050
zoltan_milosevic/fluid_dynamics_search_engine 2.0.0.0051
zoltan_milosevic/fluid_dynamics_search_engine 2.0.0.0052
zoltan_milosevic/fluid_dynamics_search_engine 2.0.0.0053
zoltan_milosevic/fluid_dynamics_search_engine 2.0.0.0054
Published Oct 04, 2002
Tracked Since Feb 18, 2026