Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1410

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1410
Last Modified 05 Sep 2008 04:30:31
Published 11 Apr 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1410

Summary

Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.

Vulnerable Systems

Application

  • Ben Chivers Guestbook 1.0

  • Easy Scripts Archive Easy Guestbook 1.0


References

BID - 5341

BUGTRAQ - 20020727 Easy Guestbook Vulnerabilities

XF - easy-guestbook-gain-access(9697)


Last Updated: 27 May 2016 10:37:19