CVE-2002-1036
Description
Cross-site scripting in Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to inject web script via search parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting in Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to inject web script via search parameters.
Vulnerability
A cross-site scripting vulnerability exists in the search.pl script of Fluid Dynamics Search Engine (FDSE) versions prior to 2.0.0.0055. This vulnerability allows remote attackers to inject arbitrary web script code by manipulating the Rank or Match parameters in a search query [1].
Exploitation
An attacker can craft a malicious URL that includes script code within the Rank or Match parameters. When an unsuspecting user clicks on this crafted URL, the script code will be executed within the context of the user's browser, originating from the hosted site [1].
Impact
Successful exploitation of this vulnerability allows an attacker to execute arbitrary web script in the victim's browser. This can lead to session hijacking, defacement of the web page, or redirection to malicious websites, all within the security context of the vulnerable website [1].
Mitigation
Fluid Dynamics Search Engine (FDSE) versions 2.0.0.0055 and later are not affected by this vulnerability. Users are advised to upgrade to a patched version. No specific workaround details are available in the provided references, and the vulnerability is not listed as part of the Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on Jun 1, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0050:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0050:*:*:*:*:*:*:*
- cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0051:*:*:*:*:*:*:*
- cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0052:*:*:*:*:*:*:*
- cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0053:*:*:*:*:*:*:*
- cpe:2.3:a:zoltan_milosevic:fluid_dynamics_search_engine:2.0.0.0054:*:*:*:*:*:*:*
- Range: <2.0.0.0055
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.iss.net/security_center/static/9533.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/5199nvdExploitPatchVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2002-07/0094.htmlnvd
- archives.neohapsis.com/archives/bugtraq/2002-07/0096.htmlnvd
- www.xav.com/scripts/search/changes.htmnvd
News mentions
0No linked articles in our index yet.