Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Apr 16, 2026

CVE-2002-0923

Description

CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.

Affected products

Cgiscript.net/Csnews2 versions
cpe:2.3:a:cgiscript.net:csnews:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cgiscript.net:csnews:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cgiscript.net:csnews:1.0_professional:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/4994nvdExploitVendor Advisory
www.iss.net/security_center/static/9333.phpnvdVendor Advisory
archives.neohapsis.com/archives/bugtraq/2002-06/0091.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000