Vulnerabilities > CVE-2003-1176 - Unspecified vulnerability in BDC Enterprises web WIZ Forums 6.34/7.01/7.5

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

bdc-enterprises

exploit available

NVD

Published: 2003-12-31

Updated: 2017-07-11

Summary

post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.

Vulnerable Configurations

Part	Description	Count
Application	Bdc_Enterprises BDC Enterprises WEB WIZ Forums 6.34 BDC Enterprises WEB WIZ Forums 7.01 BDC Enterprises WEB WIZ Forums 7.5	3

Exploit-Db

description	Web Wiz Forum 6.34/7.0/7.5 Unauthorized Private Forum Access Vulnerability. CVE-2003-1176. Webapps exploit for asp platform
id	EDB-ID:23331
last seen	2016-02-02
modified	2003-11-03
published	2003-11-03
reporter	Alexander Antipov
source	https://www.exploit-db.com/download/23331/
title	Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References