exploitDog

CVE-2002-0776

Опубликовано: 12 авг. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.

Ссылки

http://hostingcontroller.com/english/logs/sp2log.html
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/282129
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9554.php
http://www.securityfocus.com/bid/5229
http://hostingcontroller.com/english/logs/sp2log.html
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/282129
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9554.php
http://www.securityfocus.com/bid/5229

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00888

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-44xj-f97g-hv56

github

почти 4 года назад

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.

EPSS

Процентиль: 75%

0.00888

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other