note : This is not apparent in the commercial versions, (tested on three different versions ) the author was notified and appropriate changes have since been made.
product page -
vendor notice -
Users of Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0 NT, update today to protect your Subscribe Me Lite from outside access to your administration panel.
yes thats right, the malicious user can cause somewhat considerable damage to a subscribe me lite mailing list if you are using versions 1.0 - 2.0 Unix or 1.0 - 2.0 NT a simple web browser pre-formatted call, can allow an attacker to delete ANY user from the list in the form of
The user will be deleted from the list without any kind of verification whatsoever.
The vendor has updated with this information, please update yours.
Thanks Tom (Digital Vampire)
IC-CRYPT.com // Enhancing communications since 1998