CVE-2002-0923

CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.

Date published : 2002-08-31

http://www.securityfocus.com/bid/4994

http://archives.neohapsis.com/archives/bugtraq/2002-06/0091.html