NuytsTech Security

CVE-2004-2733

by ·

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp.

Date published : 2007-10-09

http://www.securityfocus.com/bid/10255

http://archives.neohapsis.com/archives/fulldisclosure/2004-04/1119.html

Tags: