Vulnerability Description
CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cgiscript.Net | Cspassword | 1.0 |
References
- http://online.securityfocus.com/archive/1/274727
- http://www.iss.net/security_center/static/9222.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4888ExploitPatchVendor Advisory
- http://online.securityfocus.com/archive/1/274727
- http://www.iss.net/security_center/static/9222.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4888ExploitPatchVendor Advisory
FAQ
What is CVE-2002-0919?
CVE-2002-0919 is a vulnerability with a CVSS score of 7.5 (HIGH). CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page.
How severe is CVE-2002-0919?
CVE-2002-0919 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0919?
Check the references section above for vendor advisories and patch information. Affected products include: Cgiscript.Net Cspassword.