1. CVE-Search
  2. CVE-2002-0750
ID CVE-2002-0750
Summary CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field.
References
Vulnerable Configurations
  • cpe:2.3:a:cgiscript.net:csmailto:*:*:*:*:*:*:*:*
    cpe:2.3:a:cgiscript.net:csmailto:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 20:28)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20020423 CGIscript.net - csMailto.cgi - Remote Command Execution
misc http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=5
Last major update 05-09-2008 - 20:28
Published 12-08-2002 - 04:00
Last modified 05-09-2008 - 20:28
Back to Top