NuytsTech Security

CVE-2002-1084

by ·

The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.

Date published : 2002-08-31

http://online.securityfocus.com/archive/1/284229

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html

Tags: