Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=101328880521775&w=2 | |
http://www.iss.net/security_center/static/8161.php | Patch Vendor Advisory |
http://www.netcreations.addr.com/dcforum/DCForumID2/126.html | |
http://www.securityfocus.com/bid/4069 | Patch Vendor Advisory |
http://marc.info/?l=bugtraq&m=101328880521775&w=2 | |
http://www.iss.net/security_center/static/8161.php | Patch Vendor Advisory |
http://www.netcreations.addr.com/dcforum/DCForumID2/126.html | |
http://www.securityfocus.com/bid/4069 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=101328880521775&w=2 - | |
References | () http://www.iss.net/security_center/static/8161.php - Patch, Vendor Advisory | |
References | () http://www.netcreations.addr.com/dcforum/DCForumID2/126.html - | |
References | () http://www.securityfocus.com/bid/4069 - Patch, Vendor Advisory |
Information
Published : 2002-05-29 04:00
Updated : 2024-11-20 23:38
NVD link : CVE-2002-0257
Mitre link : CVE-2002-0257
CVE.ORG link : CVE-2002-0257
JSON object : View
Products Affected
apache
- http_server
usanet_creations
- makebid_auction_deluxe
CWE