CVE-2002-1841

{"id": "CVE-2002-1841", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"url": "http://marc.info/?l=vuln-dev&m=102511114021370&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=vuln-dev&m=102520790718208&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://online.securityfocus.com/archive/1/280340", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/9438.php", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5116", "tags": ["Broken Link", "Patch", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=vuln-dev&m=102511114021370&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=vuln-dev&m=102520790718208&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://online.securityfocus.com/archive/1/280340", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/9438.php", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/5116", "tags": ["Broken Link", "Patch", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4."}], "lastModified": "2024-11-20T23:42:15.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:noguska:nola:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE434C5B-9280-4B51-9A65-BAD2AF3759BD"}, {"criteria": "cpe:2.3:a:noguska:nola:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19990936-0711-4E89-A169-EA039000E313"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}