CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2046

x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://seclists.org/lists/vuln-dev/2002/Mar/0156.html
http://www.ifrance.com/kitetoua/tuto/x_holes.txt
http://seclists.org/lists/vuln-dev/2002/Mar/0156.html
http://www.ifrance.com/kitetoua/tuto/x_holes.txt

Products affected by CVE-2002-2046

Xqus » X-News » Version: 1.1

cpe:2.3:a:xqus:x-news:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2046

Products

Pricing

Contact Us