PHP Remote File Inclusion Vulnerability in News Evolution 2.0 by PHP
CVE-2002-2249

Currently unrated

Key Information:

Vendor: PHP Evolution
Status: News Evolution
Vendor: CVE Published:; 31 December 2002

🔔 Create PHP Evolution Vulnerability Alert

What is CVE-2002-2249?

The vulnerability affects News Evolution 2.0, where a remote file inclusion flaw permits attackers to execute arbitrary PHP commands through manipulation of the neurl parameter. This vulnerability exists in three specific backend scripts: backend.php, screen.php, and admin/modules/comment.php. Exploitation of this vulnerability can lead to significant security risks for affected systems, allowing unauthorized access and potentially compromising sensitive data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/10709

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/6260

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=103835200230127&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 14, 2007
Vulnerability published
Dec 31, 2002

CVE-2002-2249 Data

JSON