Back to CVE Browser

CVE-2002-0537

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1510%

EPSS Percentile29.55th

PublishedJul 3, 2002

Last ModifiedApr 16, 2026

Vulnerability Description

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Affected Platforms (CPE)

📦

Stepweb

Sws

= 2.5

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html

🔗 http://www.iss.net/security_center/static/8849.php

🔗 http://www.securityfocus.com/bid/4503

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html

🔗 http://www.iss.net/security_center/static/8849.php

🔗 http://www.securityfocus.com/bid/4503

Related Vulnerabilities

CVE-2008-43899.3

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which...

CVE-2014-16497.9

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sen...

CVE-2002-18707.5

Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote att...

CVE-2006-21147.5

Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request.