Описание
post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.
Ссылки
- Exploit
- Patch
- Exploit
- Exploit
- Patch
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bdc_enterprises:web_wiz_forums:6.34:*:*:*:*:*:*:*
cpe:2.3:a:bdc_enterprises:web_wiz_forums:7.01:*:*:*:*:*:*:*
cpe:2.3:a:bdc_enterprises:web_wiz_forums:7.5:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07883
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.
EPSS
Процентиль: 92%
0.07883
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other