PT-2003-1174 · Unknown · Easy Homepage Creator

Publicado

2003-03-18

Atualizado

2008-09-05

CVE-2002-1427

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Homepage Creator version 1.0

Description The issue concerns the print html to file function in edit.cgi, which fails to verify user credentials. This allows remote attackers to modify home pages belonging to other users.

Recommendations For Easy Homepage Creator version 1.0, consider disabling the print html to file function in edit.cgi until a patch is available to prevent unauthorized modifications to user home pages.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-1427

Produtos afetados

Easy Homepage Creator

PT-2003-1174 · Unknown · Easy Homepage Creator

CVE-2002-1427

Identificadores relacionados

Produtos afetados

Referências · 5