Vulnerabilities > CVE-2000-0720 - Unspecified vulnerability in Gwscripts News Publisher
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN gwscripts
exploit available
Summary
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | GWScripts News Publisher 1.0 author.file Write Vulnerability. CVE-2000-0720. Remote exploit for cgi platform |
id | EDB-ID:20183 |
last seen | 2016-02-02 |
modified | 2000-08-29 |
published | 2000-08-29 |
reporter | n30 |
source | https://www.exploit-db.com/download/20183/ |
title | GWScripts News Publisher 1.0 - author.file Write Vulnerability |