PT-2000-1376 · Allmanage · Allmanage Website Administration

Publicado

2000-05-13

Atualizado

2008-09-10

CVE-2000-0435

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Allmanage Website administration software version 2.6

Description The issue allows remote attackers to modify user accounts or web pages by directly calling the allmanageup.pl file upload CGI script.

Recommendations For Allmanage Website administration software version 2.6, restrict access to the allmanageup.pl file upload CGI script to prevent direct calls from remote attackers.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0435

Produtos afetados

Allmanage Website Administration

PT-2000-1376 · Allmanage · Allmanage Website Administration

CVE-2000-0435

Identificadores relacionados

Produtos afetados

Referências · 4