PT-2003-1174 · Unknown · Easy Homepage Creator

Published

2003-03-18

Updated

2008-09-05

CVE-2002-1427

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy Homepage Creator version 1.0

Description The issue concerns the print html to file function in edit.cgi, which fails to verify user credentials. This allows remote attackers to modify home pages belonging to other users.

Recommendations For Easy Homepage Creator version 1.0, consider disabling the print html to file function in edit.cgi until a patch is available to prevent unauthorized modifications to user home pages.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1427

Affected Products

Easy Homepage Creator

PT-2003-1174 · Unknown · Easy Homepage Creator

CVE-2002-1427

Related Identifiers

Affected Products

References · 5