exploitDog

CVE-2002-0918

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error.

Ссылки

http://online.securityfocus.com/archive/1/274727
http://www.iss.net/security_center/static/9221.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4887
Exploit
Patch
Vendor Advisory
http://online.securityfocus.com/archive/1/274727
http://www.iss.net/security_center/static/9221.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4887
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cgiscript.net:cspassword:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.14391

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-w8rw-34mj-q8p6

github

почти 4 года назад

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error.

EPSS

Процентиль: 94%

0.14391

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other