Lucene search
MitreCVE-2002-2319HistoryOct 26, 2007 - 7:00 p.m.
CVE-2002-2319
2007-10-2619:00:00
CWE-94
mitre
web.nvd.nist.gov
19
cve-2002-2319
static code injection
mysimplenews
remote attackers
php code
html
vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.013
Percentile
86.4%
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.
Affected configurations
Node
mysimplenewsmysimplenewsMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mysimplenews | mysimplenews | 1.0 | cpe:2.3:a:mysimplenews:mysimplenews:1.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-2319
2007-10-26 19:00:00
exploitdb
exploitdb
MySimpleNews 1.0 - PHP Injection
2002-10-02 00:00:00
nvd
nvd
CVE-2002-2319
2002-12-31 05:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.013
Percentile
86.4%
Related for CVE-2002-2319