CVE-2007-1603

2007-03-2223:00:00

mitre

www.cve.org

AI Score

6.4

Confidence

Low

EPSS

0.005

Percentile

77.7%

JSON

admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attackers to bypass authentication, and insert new contest information into a database, via a direct POST request.

References

securityreason.com/securityalert/2453

www.securityfocus.com/archive/1/462702/100/100/threaded