Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Fluid_dynamics_search_engine | Zoltan_milosevic | 2.0.0.0050 (including) | 2.0.0.0050 (including) |
| Fluid_dynamics_search_engine | Zoltan_milosevic | 2.0.0.0051 (including) | 2.0.0.0051 (including) |
| Fluid_dynamics_search_engine | Zoltan_milosevic | 2.0.0.0052 (including) | 2.0.0.0052 (including) |
| Fluid_dynamics_search_engine | Zoltan_milosevic | 2.0.0.0053 (including) | 2.0.0.0053 (including) |
| Fluid_dynamics_search_engine | Zoltan_milosevic | 2.0.0.0054 (including) | 2.0.0.0054 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
- http://www.iss.net/security_center/static/9533.php
- http://www.securityfocus.com/bid/5199
- http://www.xav.com/scripts/search/changes.htm#4
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html
- http://www.iss.net/security_center/static/9533.php
- http://www.securityfocus.com/bid/5199
- http://www.xav.com/scripts/search/changes.htm#4