CVE-2002-2319

Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mysimplenews:mysimplenews:1.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-2319

Mitre link : CVE-2002-2319

CVE.ORG link : CVE-2002-2319


JSON object : View

Products Affected

mysimplenews

  • mysimplenews
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')