CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1867

The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=102373053829427&w=2
http://www.iss.net/security_center/static/9308.php
http://www.securityfocus.com/bid/4975
http://marc.info/?l=bugtraq&m=102373053829427&w=2
http://www.iss.net/security_center/static/9308.php
http://www.securityfocus.com/bid/4975

Products affected by CVE-2002-1867

Bizdesign » Imagefolio » Version: 2.23

cpe:2.3:a:bizdesign:imagefolio:2.23
Bizdesign » Imagefolio » Version: 2.24

cpe:2.3:a:bizdesign:imagefolio:2.24
Bizdesign » Imagefolio » Version: 2.26

cpe:2.3:a:bizdesign:imagefolio:2.26

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1867

Products

Pricing

Contact Us