Vulnerability Details CVE-2000-0689
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.084
EPSS Ranking 92.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
- http://www.cgiscriptcenter.com/acctlite/
- http://www.osvdb.org/13341
- http://www.securityfocus.com/bid/1604
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5125
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
- http://www.cgiscriptcenter.com/acctlite/
- http://www.osvdb.org/13341
- http://www.securityfocus.com/bid/1604
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5125
Products affected by CVE-2000-0689
-
cpe:2.3:a:cgi_script_center:account_manager:lite_1.0
-
cpe:2.3:a:cgi_script_center:account_manager:pro_1.0