CVE-2002-0923 | Date: (C)2002-10-04 (M)2023-12-22 |
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 7.5 |
Exploit Score: 10.0 |
Impact Score: 6.4 |
|
CVSS V2 Metrics: |
Access Vector: NETWORK |
Access Complexity: LOW |
Authentication: NONE |
Confidentiality: PARTIAL |
Integrity: PARTIAL |
Availability: PARTIAL |
| |