CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0495

csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.152

EPSS Ranking 94.3%

CVSS Severity

CVSS v2 Score 10.0

References

http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=7
http://www.iss.net/security_center/static/8636.php
http://www.securityfocus.com/archive/1/264169
http://www.securityfocus.com/bid/4368
http://www.cgiscript.net/cgi-script/csNews/csNews.cgi?database=cgi.db&command=viewone&id=7
http://www.iss.net/security_center/static/8636.php
http://www.securityfocus.com/archive/1/264169
http://www.securityfocus.com/bid/4368

Products affected by CVE-2002-0495

Cgiscript » Cssearch Professional » Version: 2.3

cpe:2.3:a:cgiscript:cssearch_professional:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0495

Products

Pricing

Contact Us