CVE-2002-1410

Опубликовано: 11 апр. 2003

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-07/0356.html
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9697.php
Vendor Advisory
http://www.securityfocus.com/bid/5341
Exploit
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-07/0356.html
Exploit
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9697.php
Vendor Advisory
http://www.securityfocus.com/bid/5341
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ben_chivers:ben_chivers_guestbook:1.0:*:*:*:*:*:*:*

cpe:2.3:a:easy_scripts_archive:easy_guestbook:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.1151

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wv5m-r3h8-56gx

github

больше 3 лет назад