CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2002-1026
https://notcve.org/view.php?id=CVE-2002-1026
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0140.html http://online.securityfocus.com/archive/1/280079 http://www.iss.net/security_center/static/9458.php http://www.securityfocus.com/bid/5132 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2002-1027 – Macromedia Sitespring 1.2 - Default Error Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-1027
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter. • https://www.exploit-db.com/exploits/21621 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0029.html http://online.securityfocus.com/archive/1/282742 http://www.iss.net/security_center/static/9588.php http://www.securityfocus.com/bid/5249 •