CVE-2002-1680

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2002-1680
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://online.securityfocus.com/archive/82/251570
http://www.securityfocus.com/bid/3921
http://www.securityfocus.com/bid/3914
https://exchange.xforce.ibmcloud.com/vulnerabilities/7986
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:cows:cgi_online_worldweb_shopping:1.1:*:*:*:*:*:*:*
Information

Published : 2002-12-30 21:00

Updated : 2017-07-10 18:29

NVD link : CVE-2002-1680

Mitre link : CVE-2002-1680

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

cows

  • cgi_online_worldweb_shopping