CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Open Source Development Network: >> Slashcode >> 2.1.1 Security Vulnerabilities

CVE-2002-1748

Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts.

CVSS Score

7.2

EPSS Score

0.004

Published

2002-12-31

CVE-2002-0292

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.

CVSS Score

2.6

EPSS Score

0.004

Published

2002-05-31

Page 1

Vulnerabilities

Vulnerable Software

Open Source Development Network: >> Slashcode >> 2.1.1 Security Vulnerabilities

Products

Pricing

Contact Us