Vulnerabilities > CVE-2002-0918 - Unspecified vulnerability in Cgiscript.Net Cspassword 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cgiscript-net
exploit available
Summary
CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CGIScript.net csPassword.CGI 1.0 Information Disclosure Vulnerability. CVE-2002-0918,CVE-2002-0919. Webapps exploit for cgi platform |
| id | EDB-ID:21494 |
| last seen | 2016-02-02 |
| modified | 2002-05-30 |
| published | 2002-05-30 |
| reporter | Steve Gustin |
| source | https://www.exploit-db.com/download/21494/ |
| title | CGIScript.net csPassword.CGI 1.0 Information Disclosure Vulnerability |