Описание
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
Ссылки
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cgiscript.net:csnews:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cgiscript.net:csnews:1.0_professional:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03062
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
EPSS
Процентиль: 86%
0.03062
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other