Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2002-0955
HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0955

2002-10-0404:00:00
[email protected]
web.nvd.nist.gov
29
cve-2002-0955
cross-site scripting
vulnerability
yabb.cgi
web security
remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

Affected configurations

NVD
Node
yabbyabbMatch1_gold_sp_1
CPENameOperatorVersion
yabb:yabbyabbeq1_gold_sp_1

Related

nvd 1
cvelist 1
openvas 1
nessus 1
nvd
nvd
CVE-2002-0955
2002-10-04 04:00:00
cvelist
cvelist
CVE-2002-0955
2002-08-31 04:00:00
openvas
openvas
Various dangerous cgi scripts
2005-11-03 00:00:00
nessus
nessus
Multiple Dangerous CGI Script Detection
2003-06-17 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.1%

JSON
Related for CVE-2002-0955
nvd1cvelist1openvas1nessus1