CVE-2002-1750

csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cgiscript:csguestbook:1.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html - Broken Link () http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html - Broken Link
References () http://www.securityfocus.com/bid/4448 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/4448 - Broken Link, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/8636 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/8636 - Third Party Advisory, VDB Entry

14 Feb 2024, 16:57

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : unknown
v2 : 7.5
v3 : unknown
References (BUGTRAQ) http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html - (BUGTRAQ) http://cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00106.html - Broken Link
References (BID) http://www.securityfocus.com/bid/4448 - (BID) http://www.securityfocus.com/bid/4448 - Broken Link, Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/8636 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/8636 - Third Party Advisory, VDB Entry
First Time Cgiscript
Cgiscript csguestbook
CPE cpe:2.3:a:cgiscript.net:csguestbook:1.0:*:*:*:*:*:*:* cpe:2.3:a:cgiscript:csguestbook:1.0:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-94

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:42


NVD link : CVE-2002-1750

Mitre link : CVE-2002-1750

CVE.ORG link : CVE-2002-1750


JSON object : View

Products Affected

cgiscript

  • csguestbook
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')