CVE-2002-1427

Easy Homepage Creator 1.0 - RCE

Title source: llm

Description

The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Arek Suroboyo · htmlwebappscgi

https://www.exploit-db.com/exploits/21658

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://www.iss.net/security_center/static/9696.php

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/5340

[Exploit, Patch, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-07/0350.html

Scores

EPSS 0.0306

EPSS Percentile 86.8%

Details

Status published

Products (2)

easy_scripts_archive/advanced_easy_homepage_creator 1.0

easy_scripts_archive/easy_homepage_creator 1.0

Published Apr 11, 2003

Tracked Since Feb 18, 2026