CVE-2004-2733

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2004-04/1119.html
http://secunia.com/advisories/11525
Vendor Advisory
http://securitytracker.com/id?1010012
http://www.osvdb.org/5750
http://www.osvdb.org/5751
http://www.securityfocus.com/bid/10255
https://exchange.xforce.ibmcloud.com/vulnerabilities/16030
https://exchange.xforce.ibmcloud.com/vulnerabilities/16031
http://archives.neohapsis.com/archives/fulldisclosure/2004-04/1119.html
http://secunia.com/advisories/11525
Vendor Advisory
http://securitytracker.com/id?1010012
http://www.osvdb.org/5750
http://www.osvdb.org/5751
http://www.securityfocus.com/bid/10255
https://exchange.xforce.ibmcloud.com/vulnerabilities/16030
https://exchange.xforce.ibmcloud.com/vulnerabilities/16031

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webwiz:web_wiz_forums:7.7:a:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01013

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-fp5p-25cc-hp7j

github

почти 4 года назад