RSS   Vulnerabilities for 'Newsletter zws'   RSS

2004-12-06
 
CVE-2004-0621

 

 
admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.

 


Copyright 2024, cxsecurity.com

 

Back to Top