Vulnerabilities > Zaireweb Solutions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-06 | CVE-2004-0621 | Authentication Bypass vulnerability in ZaireWeb Solutions Newsletter ZWS Administrative Interface admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords. | 10.0 |