Lucene search

[email protected]NVD:CVE-2002-1087

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1087

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

54.0%

JSON

The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.

Affected configurations

Nvd

Node

visualshapersezcontentsRange≤1.41

VendorProductVersionCPE
visualshapersezcontents*cpe:2.3:a:visualshapers:ezcontents:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
visualshapers	ezcontents	*	cpe:2.3:a:visualshapers:ezcontents::::::::

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html

online.securityfocus.com/archive/1/284229

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.002

Percentile

54.0%

JSON

Related for NVD:CVE-2002-1087

cvelist1 cve1