[] NeoSense
E X P L O I T S
title author type platform port cve id

Fluid Dynamics Search Engine 2.0 - Cross-Site Scripting

Author: VALDEUX
type: webapps
platform: cgi
port: 
date_added: 2002-07-10 
date_updated: 2012-09-30 
verified: 1 
codes: CVE-2002-1036;OSVDB-9230 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/5199/info

Fluid Dynamics Search Engine is a search application for local and remote web sites, and is designed to work in most UNIX and Microsoft Windows environments. Fluid Dynamics Search Engine and is maintained by Zoltan Milosevic.

It is possible for attackers to construct a URL that will cause scripting code to be embedded in a search results page. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site.

http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.