Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
Cvelist | CVE-2005-0735 | 13 Mar 200505:00 | โ | cvelist |
CVE | CVE-2005-0735 | 2 May 200504:00 | โ | cve |
CVE | CVE-2005-0727 | 2 May 200504:00 | โ | cve |
Tenable Nessus | NewsScript newsscript.pl mode Parameter Privilege Escalation | 10 Mar 200500:00 | โ | nessus |
NVD | CVE-2005-0735 | 2 May 200504:00 | โ | nvd |
NVD | CVE-2005-0727 | 2 May 200504:00 | โ | nvd |
source: https://www.securityfocus.com/bid/12761/info
NewsScript is reported prone to an access validation vulnerability. This issue may allow an unauthorized attacker to add, modify and delete messages.
It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET request for the 'newsscript.pl' script to bypass access checks and carry out administrative tasks.
www.example.com/newsscript.pl?mode=admin
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo