header-logo
Suggest Exploit
vendor:
Site News
by:
Unknown
5.5
CVSS
MEDIUM
Authentication Bypass
287
CWE
Product Name: Site News
Affected Version From:
Affected Version To:
Patch Exists: Unknown
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

UtilMind Solutions Site News Authentication Bypass

An unauthenticated attacker can exploit an access validation error in UtilMind Solutions Site News to display and manipulate arbitrary news items.

Mitigation:

Implement proper access controls and authentication mechanisms to prevent unauthorized access.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11126/info

Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error.

An unauthenticated attacker can leverage this issue to display and manipulate arbitrary news items.

http://www.example.com/ sitenews.cgi?update\?oldsubject=OLD_SUBJ&subject=NEW_SUBJ&name=ANY_NAME&issue=ISSUE&message=MESSAGE

Navigation

Suggest Exploit

Services By CQR