2 matches found
CVE-2003-1212
MaxWebPortal 1.30 is affected. The vulnerability allows remote attackers to perform unauthorized actions by tampering with hidden form fields (examples: news, lock, allmem) on the 'start new topic' HTML page. Root cause is modification of hidden fields, enabling unauthorized actions. The availabl...
CVE-2003-1212
MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the 1 news, 2 lock, or 3 allmem fields in the 'start new topic' HTML page...