Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2002-0771

Published: 12/08/2002 Updated: 19/11/2016
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote malicious users to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.

Vulnerable Product Search on Vulmon Subscribe to Product

viewcvs viewcvs 0.8

viewcvs viewcvs 0.9.1

viewcvs viewcvs 0.9

viewcvs viewcvs 0.9.2

Exploits

Exploit DB: ViewCVS 0.9.2 - Cross-Site Scripting
source: wwwsecurityfocuscom/bid/4818/info ViewCVS does not filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks An attacker may exploit this by constructing a malicious link with script code to a site running ViewCVS and sending it to a legitimate user of the site When the legitimate user follow ...

References

NVD-CWE-Otherhttp://archives.neohapsis.com/archives/bugtraq/2002-05/0161.htmlhttp://www.iss.net/security_center/static/9112.phphttp://www.securityfocus.com/bid/4818https://nvd.nist.govhttps://www.exploit-db.com/exploits/21473/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310CVE-2024-21683CVE-2024-22187chromedeserializationXPath injectionCVE-2024-27842denial of serviceCVE-2024-24851googleCVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook