Vulnerability Details : CVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
Exploit prediction scoring system (EPSS) score for CVE-2002-1410
Probability of exploitation activity in the next 30 days: 4.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-1410
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2002-1410
-
http://www.securityfocus.com/bid/5341
Exploit;Patch;Vendor Advisory
-
http://www.iss.net/security_center/static/9697.php
Vendor Advisory
-
http://archives.neohapsis.com/archives/bugtraq/2002-07/0356.html
Exploit;Patch;Vendor Advisory
Products affected by CVE-2002-1410
- cpe:2.3:a:ben_chivers:ben_chivers_guestbook:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:easy_scripts_archive:easy_guestbook:1.0:*:*:*:*:*:*:*