NuytsTech Security

CVE-2004-0621

by ·

admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.

Date published : 2004-06-30

http://www.securityfocus.com/bid/10605

http://marc.info/?l=bugtraq&m=108811585025216&w=2

Tags: