Unrated severityNVD Advisory· Published Dec 6, 2004· Updated Apr 16, 2026

CVE-2002-1582

Description

compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi.

Affected products

Mailreader.com/Mailreader.com2 versions
cpe:2.3:a:mailreader.com:mailreader.com:2.3.30:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mailreader.com:mailreader.com:2.3.30:*:*:*:*:*:*:*
- cpe:2.3:a:mailreader.com:mailreader.com:2.3.31:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.iss.net/security_center/static/10491.phpnvdPatchVendor Advisory
www.securityfocus.com/bid/6058nvdPatchVendor Advisory
www.securityfocus.com/archive/1/297428nvdExploitPatchVendor Advisory
www.mailreader.com/download/ChangeLognvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000