header-logo
Suggest Exploit
vendor:
P-News
by:
SecurityFocus
7.5
CVSS
HIGH
Insufficient Validation of Data
20
CWE
Product Name: P-News
Affected Version From: P-News 1.16
Affected Version To: P-News 1.16
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

P-News Administrative Account Creation Vulnerability

A vulnerability has been reported that could enable a P-News member to create and access an administrative account due to insufficient validation of data supplied to account editing input fields of P-News.

Mitigation:

Input validation should be performed to ensure that only valid data is accepted.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7689/info

A vulnerability has been reported that could enable a P-News member to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of P-News.

This issue was reported in P-News 1.16. Other versions may also be affected. 

Peter|-|21232f297a57a5a743894a0e4a801fc3|-|0|-|none@nowhere.com|-||-|179ad45c6ce2cb97cf1029e212046e81|-|2|-|peter@aol.com|-|

Navigation

Suggest Exploit

Services By CQR