PT-2004-1458 · Webcortex · Webcortex Webstores 2000

Published

2004-03-18

Updated

2017-07-11

CVE-2004-0304

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WebCortex WebStores 2000 version 6.0

Description The issue allows remote attackers to gain unauthorized access and execute arbitrary commands. This is achieved via the Search Text parameter in the "browse items.asp" endpoint.

Recommendations For WebCortex WebStores 2000 version 6.0, consider restricting access to the browse items.asp endpoint until a patch is available, and avoid using the Search Text parameter to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0304

Affected Products

Webcortex Webstores 2000

PT-2004-1458 · Webcortex · Webcortex Webstores 2000

CVE-2004-0304

Related Identifiers

Affected Products

References · 6