CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 2CVE-2002-1685 – Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1685
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI. • https://www.exploit-db.com/exploits/21576 http://online.securityfocus.com/archive/1/281088 http://www.securityfocus.com/bid/5086 https://exchange.xforce.ibmcloud.com/vulnerabilities/9513 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0800
https://notcve.org/view.php?id=CVE-2002-0800
BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0003.html http://www.iss.net/security_center/static/9239.php http://www.securityfocus.com/bid/4912 •