CVE-2002-1461 - OpenCVE

Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Webscriptworld	Web Shop Manager

Configuration 1 [-]

cpe:2.3:a:webscriptworld:web_shop_manager:1.1:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2002-08/0130.html	Exploit Vendor Advisory
http://www.iss.net/security_center/static/9817.php	Vendor Advisory
http://www.securiteam.com/securitynews/5KP0G0080E.html	Exploit Vendor Advisory
http://www.securityfocus.com/bid/5474	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2003-03-18T05:00:00

Updated: 2003-03-21T10:00:00

Reserved: 2003-02-05T00:00:00

Link: CVE-2002-1461

JSON object: View

NVD Information

Status : Analyzed

Published: 2003-06-09T04:00:00.000

Modified: 2008-09-05T20:30:39.670

Link: CVE-2002-1461

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-08-10T00:00:00", "descriptions": [{"lang": "en", "value": "Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "5474", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5474"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securiteam.com/securitynews/5KP0G0080E.html"}, {"name": "webshop-manager-execute-commands(9817)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/9817.php"}, {"name": "20020815 Web Shop Manager Security Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0130.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1461", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "5474", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5474"}, {"name": "http://www.securiteam.com/securitynews/5KP0G0080E.html", "refsource": "MISC", "url": "http://www.securiteam.com/securitynews/5KP0G0080E.html"}, {"name": "webshop-manager-execute-commands(9817)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9817.php"}, {"name": "20020815 Web Shop Manager Security Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0130.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1461", "datePublished": "2003-03-18T05:00:00", "dateReserved": "2003-02-05T00:00:00", "dateUpdated": "2003-03-21T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}