Back to search
CVE-2000-0720
Published: May 7, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
news-publisher-add-author(5169)
vdb-entry
x_refsource_XF
1621
vdb-entry
x_refsource_BID
20000829 News Publisher CGI Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now