CVE-2002-2011 – Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-2011
Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. • https://www.exploit-db.com/exploits/21405 http://archives.neohapsis.com/archives/bugtraq/2002-04/0287.html http://www.iss.net/security_center/static/8906.php http://www.securityfocus.com/bid/4565 •
CVE-2002-0230 – Faq-O-Matic 2.6/2.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0230
Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (Cross-site scripting) en fom.cgi de Faq-O-Matic 2.712 permite a atacantes remotos ejecutar código Javascript arbitrario en otros clientes mediante el parámetro cmd, lo que hace que el script sea insertado en un mensaje de error. • https://www.exploit-db.com/exploits/21263 http://marc.info/?l=bugtraq&m=101285834018701&w=2 http://marc.info/?l=bugtraq&m=101293973111873&w=2 http://sourceforge.net/mailarchive/forum.php?thread_id=464940&forum_id=6367 http://www.debian.org/security/2002/dsa-109 •