exploitDog

CVE-2002-0955

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-06/0261.html
http://www.iss.net/security_center/static/9408.php
Vendor Advisory
http://www.securityfocus.com/bid/5078
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-06/0261.html
http://www.iss.net/security_center/static/9408.php
Vendor Advisory
http://www.securityfocus.com/bid/5078
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yabb:yabb:1_gold_sp_1:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.03062

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-rxvx-4qf3-f363

github

почти 4 года назад

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

EPSS

Процентиль: 86%

0.03062

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other