CVE-2002-1753

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.

Ссылки

http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html
Broken Link
http://www.securityfocus.com/bid/4451
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/8636
Third Party Advisory
VDB Entry
http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html
Broken Link
http://www.securityfocus.com/bid/4451
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/8636
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cgiscript:csnews_professional:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05911

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-ccqr-whpm-2jv2

github

почти 4 года назад