CVE-2002-2424

Ekilat Php(reactor) - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Matthew Murphy · textwebappsphp

https://www.exploit-db.com/exploits/21755

View Code ZIP pw:eip

References (3)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-08/0262.html

[Third Party Advisory] http://www.iss.net/security_center/static/9958.php

[Exploit] http://www.securityfocus.com/bid/5569

Scores

EPSS 0.0056

EPSS Percentile 68.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

ekilat_llc/php\(reactor\)

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026