CVE-2002-2249

PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:php_evolution:news_evolution:1.0:*:*:*:*:*:*:*
cpe:2.3:a:php_evolution:news_evolution:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-2249

Mitre link : CVE-2002-2249

CVE.ORG link : CVE-2002-2249


JSON object : View

Products Affected

php_evolution

  • news_evolution
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')