RSS   Vulnerabilities for 'Subscribe me lite'   RSS

2001-02-12
 
CVE-2001-0086

CWE-Other
 

 
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.

 
2000-10-20
 
CVE-2000-0688

 

 
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.

 

 >>> Vendor: Cgi script center 4 Products
Auction weaver
Subscribe me lite
Account manager
News update


Copyright 2024, cxsecurity.com

 

Back to Top