RSS   Vulnerabilities for 'Allmanage'   RSS

2000-05-13
 
CVE-2000-0435

 

 
The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.

 
 
CVE-2000-0434

 

 
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.

 


Copyright 2017, cxsecurity.com