Code injection

2006-06-0301:02:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.

CPENameOperatorVersion
aspsitemle2.0
aspsitemeq1.83

CPE	Name	Operator	Version
	aspsitem	le	2.0
	aspsitem	eq	1.83

References

secunia.com/advisories/20355

securityreason.com/securityalert/1021

www.nukedx.com/?viewdoc=39

www.securityfocus.com/archive/1/435287/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/26859