Lucene search
MitreCVE-2002-0495HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0495
2003-04-0205:00:00
CWE-94
mitre
web.nvd.nist.gov
30
cve-2002-0495
cssearch 2.3
remote attack
perl code
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.019
Percentile
88.6%
csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.
Affected configurations
Node
cgiscriptcssearch_professionalRange≤2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cgiscript | cssearch_professional | * | cpe:2.3:a:cgiscript:cssearch_professional:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-0495
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0495
2002-08-12 04:00:00
checkpoint_advisories
checkpoint_advisories
CsSearch csSearch.cgi Arbitrary Command Execution - Ver2 (CVE-2002-0495)
2014-03-03 00:00:00
nessus
nessus
csSearch csSearch.cgi setup Parameter Arbitrary Command Execution
2002-03-27 00:00:00
exploitdb
exploitdb
CSSearch 2.3 - Remote Command Execution
2002-03-26 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.019
Percentile
88.6%
Related for CVE-2002-0495