cbcvebase.
CVE-2002-0589
published 2002-06-18

CVE-2002-0589: PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm…

PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.01%
93.4th percentile
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.

Affected

4 ranges
VendorProductVersion rangeFixed in
steve_korbettpvote
steve_korbettpvote
steve_korbettpvote
steve_korbettpvote
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.