Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Csnews'
2002-12-31
CVE-2002-1753
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
2002-10-04
CVE-2002-0924
CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.
CVE-2002-0923
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
CVE-2002-0922
CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb.
CVE-2002-0921
CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.
>>>
Vendor:
Cgiscript.net
9
Products
Cssearch
Csmailto
Cspassword
Csnews
Csguestbook
Cslivesupport
Cschat-r-box
Csnewspro
Csfaq
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Csnews' 