CVE-2002-1036 Information

Description

Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0094.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0096.html http://www.iss.net/security_center/static/9533.php http://www.securityfocus.com/bid/5199 http://www.xav.com/scripts/search/changes.htm4