CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0310

Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=101432236729631&w=2
http://www.securityfocus.com/bid/4156
https://exchange.xforce.ibmcloud.com/vulnerabilities/8255
http://marc.info/?l=bugtraq&m=101432236729631&w=2
http://www.securityfocus.com/bid/4156
https://exchange.xforce.ibmcloud.com/vulnerabilities/8255

Products affected by CVE-2002-0310

Netwin » Webnews » Version: 1.1h

cpe:2.3:a:netwin:webnews:1.1h
Netwin » Webnews » Version: 1.1i

cpe:2.3:a:netwin:webnews:1.1i
Netwin » Webnews » Version: 1.1j

cpe:2.3:a:netwin:webnews:1.1j
Netwin » Webnews » Version: 1.1k

cpe:2.3:a:netwin:webnews:1.1k

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0310

Products

Pricing

Contact Us