Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:590
HistoryAug 24, 2000 - 12:00 a.m.

Subscribe Me Vulnerability

2000-08-2400:00:00
vulners.com
138
JSON

Product: Subscribe Me
Versions: ALL version numbers LITE only
OS: Unix and Winnt
Vendor: Notified, http://www.cgiscriptcenter.com/

The Problem:

Yet again the script allows a remote user to overwrite the Admin Passwd file with

any password they see fit. Therefore giving them Admin access to the Maillist Script

Exploit:

See the .zip file Attached

Patches:

Already Available see website, download version is patched.

n30
[email protected]
www.alldas.de

JSON