Newsscript - Access Validation
| EKU-ID: 30556 | CVE: CVE-2005-0735;OSVDB-15731 | OSVDB-ID: |
| Author: adrianc23@gmail.com | Published: 2005-03-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30556 | CVE: CVE-2005-0735;OSVDB-15731 | OSVDB-ID: |
| Author: adrianc23@gmail.com | Published: 2005-03-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12761/info NewsScript is reported prone to an access validation vulnerability. This issue may allow an unauthorized attacker to add, modify and delete messages. It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET request for the 'newsscript.pl' script to bypass access checks and carry out administrative tasks. www.example.com/newsscript.pl?mode=admin