Vulnerabilities > Cgiscript NET

DATE CVE VULNERABILITY TITLE RISK
2004-08-06 CVE-2004-0665 Path Disclosure vulnerability in Cgiscript.Net Csfaq 1.0
csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.
network
low complexity
cgiscript-net
5.0
2002-12-31 CVE-2002-1753 Remote Command Execution vulnerability in Cgiscript.Net Csnews and Csnewspro
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
network
low complexity
cgiscript-net
5.0
2002-12-31 CVE-2002-1752 Remote Command Execution vulnerability in Cgiscript.Net Cschat-R-Box 1.0
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
network
low complexity
cgiscript-net
5.0
2002-12-31 CVE-2002-1751 Remote Command Execution vulnerability in Cgiscript.Net Cslivesupport 1.0
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
network
low complexity
cgiscript-net
5.0
2002-12-31 CVE-2002-1750 Remote Command Execution vulnerability in Cgiscript.Net Csguestbook 1.0
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
network
low complexity
cgiscript-net
5.0
2002-10-04 CVE-2002-0924 Remote Command Execution vulnerability in CSNews
CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.
network
low complexity
cgiscript-net
7.5
2002-10-04 CVE-2002-0923 Unspecified vulnerability in Cgiscript.Net Csnews 1.0/1.0Professional
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
network
low complexity
cgiscript-net
7.5
2002-10-04 CVE-2002-0922 Unspecified vulnerability in Cgiscript.Net Csnews 1.0/1.0Professional
CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb.
network
low complexity
cgiscript-net
5.0
2002-10-04 CVE-2002-0921 Information Disclosure vulnerability in csNews
CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.
network
low complexity
cgiscript-net
5.0
2002-10-04 CVE-2002-0920 Unspecified vulnerability in Cgiscript.Net Cspassword 1.0
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.
network
high complexity
cgiscript-net
5.1