Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2000-0435

The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.

PublishedMay 13, 2000, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://archives.neohapsis.com/archives/bugtraq/2000-05/0167.html
http://www.osvdb.org/1337
http://www.securityfocus.com/bid/1217

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

7.5

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)