Vulnerabilities > CVE-2003-0589 - Security Bypass vulnerability in Digi-Fx Digi-News 1.1

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

digi-fx

critical

NVD

Published: 2003-08-18

Updated: 2016-10-18

Summary

admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.

Vulnerable Configurations

Part	Description	Count
Application	Digi-Fx Digi FX Digi News 1.1	1

References

http://marc.info/?l=bugtraq&m=105839007002993&w=2