CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-1887

HIGH
7.5
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile3.38th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.

Affected Platforms (CPE)

📦
Gregory Kokanosky

Phpmynewsletter

= 0.6.10

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-10/0060.html
🔗 http://secunia.com/advisories/7220
🔗 http://www.iss.net/security_center/static/10288.php
🔗 http://www.securityfocus.com/bid/5886
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-10/0060.html
🔗 http://secunia.com/advisories/7220
🔗 http://www.iss.net/security_center/static/10288.php
🔗 http://www.securityfocus.com/bid/5886

相关漏洞威胁

CVE-2007-237110.0

admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before lo...

CVE-2007-237210.0

admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when admi...

CVE-2008-12956.8

SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows ...

CVE-2002-090110.0

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to exec...