CVE-2003-1402

EPSS 0.72%
Veröffentlicht 31.12.2003 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Kietu ≫ Kietu Version2.0

Kietu ≫ Kietu Version2.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.72%	0.72

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0071.html

http://secunia.com/advisories/10754

Vendor Advisory

http://www.osvdb.org/3777

http://www.securityfocus.com/bid/6863

https://exchange.xforce.ibmcloud.com/vulnerabilities/11341

https://nvd.nist.gov/vuln/detail/CVE-2003-1402

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-1402

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-1402

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2003-1402