Basic search

K
cveCve@mitre.orgCVE-2004-2733
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2733

2004-12-3105:00:00
CWE-264
cve@mitre.org
web.nvd.nist.gov
19
cve-2004-2733
web wiz forums
remote attackers
user privileges
security vulnerability

7.6 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.016 Low

EPSS

Percentile

87.0%

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp.

7.6 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.016 Low

EPSS

Percentile

87.0%