VYPR
Unrated severityNVD Advisory· Published May 31, 2002· Updated Jun 16, 2026

CVE-2002-0310

CVE-2002-0310

Description

Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.

Affected products

5
  • Netwin/Webnews5 versions
    cpe:2.3:a:netwin:webnews:1.1h:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:netwin:webnews:1.1h:*:*:*:*:*:*:*
    • cpe:2.3:a:netwin:webnews:1.1i:*:*:*:*:*:*:*
    • cpe:2.3:a:netwin:webnews:1.1j:*:*:*:*:*:*:*
    • cpe:2.3:a:netwin:webnews:1.1k:*:*:*:*:*:*:*
    • (no CPE)range: <= 1.1k

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.