返回 CVE 瀏覽器

CVE-2002-0257

HIGH

7.5

CVSS Severity Score

EPSS Score0.1770%

EPSS Percentile14.26th

Published2002年5月29日

Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4.

Affected Platforms (CPE)

📦

Apache

Http Server

= 1.3.17

📦

Apache

Http Server

= 1.3.18

📦

Apache

Http Server

= 1.3.19

📦

Apache

Http Server

= 1.3.20

📦

Apache

Http Server

= 1.3.22

📦

Usanet Creations

Makebid Auction Deluxe

= 3.30

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=101328880521775&w=2

🔗 http://www.iss.net/security_center/static/8161.php

🔗 http://www.netcreations.addr.com/dcforum/DCForumID2/126.html

🔗 http://www.securityfocus.com/bid/4069

🔗 http://marc.info/?l=bugtraq&m=101328880521775&w=2

🔗 http://www.iss.net/security_center/static/8161.php

🔗 http://www.netcreations.addr.com/dcforum/DCForumID2/126.html

🔗 http://www.securityfocus.com/bid/4069

相關漏洞威脅

CVE-2020-2506610.0

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of servi...

CVE-2018-1881510.0

The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO Ja...

CVE-2018-403110.0

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the w...

CVE-2020-2628210.0

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR f...