Lucene search

[email protected]CVE-2003-0754

HistoryOct 20, 2003 - 4:00 a.m.

CVE-2003-0754

2003-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0754

newsphp

authentication bypass

remote attack

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON

nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.

CPENameOperatorVersion
newsphp:newsphpnewsphple216

CPE	Name	Operator	Version
newsphp:newsphp	newsphp	le	216

References

archives.neohapsis.com/archives/bugtraq/2003-08/0345.html

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

JSON