Lucene search
MitreCVE-2002-0734HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0734
2003-04-0205:00:00
mitre
web.nvd.nist.gov
32
b2
2.0.6pre2
remote code execution
cve-2002-0734
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.044
Percentile
92.4%
b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server.
Affected configurations
Node
michel_valdrighib2Match0.6_pre
| Vendor | Product | Version | CPE |
|---|---|---|---|
| michel_valdrighi | b2 | 0.6_pre | cpe:2.3:a:michel_valdrighi:b2:0.6_pre:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-0734
2003-04-02 05:00:00
exploitdb
exploitdb
B2 0.6 - 'b2edit.showposts.php?b2inc' Remote File Inclusion
2002-05-06 00:00:00
nvd
nvd
CVE-2002-0734
2002-08-12 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.044
Percentile
92.4%
Related for CVE-2002-0734