← back
CVE-2002-0922

CVE-2002-0922

EPSS 3.2%
CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21532unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-06/0091.htmlhttp://www.iss.net/security_center/static/9332.phphttp://www.iss.net/security_center/static/9333.phphttp://www.securityfocus.com/bid/4991http://www.securityfocus.com/bid/4993