Lucene search

[email protected]CVE-2002-1887

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1887

2005-06-2804:00:00

[email protected]

web.nvd.nist.gov

cve

php

remote file inclusion

customize.php

phpmynewsletter

vulnerability

nvd

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.4%

JSON

PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.

Affected configurations

NVD

Node

gregory_kokanoskyphpmynewsletterMatch0.6.10

CPENameOperatorVersion
gregory_kokanosky:phpmynewslettergregory kokanosky phpmynewslettereq0.6.10

CPE	Name	Operator	Version
gregory_kokanosky:phpmynewsletter	gregory kokanosky phpmynewsletter	eq	0.6.10

References

archives.neohapsis.com/archives/bugtraq/2002-10/0060.html

secunia.com/advisories/7220

www.iss.net/security_center/static/10288.php

www.securityfocus.com/bid/5886

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2002-1887

cvelist1 nvd1