Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Jun 16, 2026
CVE-2002-0920
CVE-2002-0920
Description
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.
Affected products
2cpe:2.3:a:cgiscript.net:cspassword:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cgiscript.net:cspassword:1.0:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- www.iss.net/security_center/static/9223.phpnvdPatchVendor Advisory
- online.securityfocus.com/archive/1/274727nvd
- www.securityfocus.com/bid/4889nvd
News mentions
0No linked articles in our index yet.