CVE-2002-1887

phpMyNewsletter <0.6.10 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED
by frog-m@n · htmlwebappsphp
https://www.exploit-db.com/exploits/3658
exploitdb WORKING POC VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21905

References (4)

Scores

EPSS 0.0276
EPSS Percentile 86.1%

Details

Status published
Products (1)
gregory_kokanosky/phpmynewsletter 0.6.10
Published Dec 31, 2002
Tracked Since Feb 18, 2026