CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0621

admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.7%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=108811585025216&w=2
http://www.securityfocus.com/bid/10605
https://exchange.xforce.ibmcloud.com/vulnerabilities/16507
http://marc.info/?l=bugtraq&m=108811585025216&w=2
http://www.securityfocus.com/bid/10605
https://exchange.xforce.ibmcloud.com/vulnerabilities/16507

Products affected by CVE-2004-0621

Zaireweb Solutions » Newsletter Zws » Version: Any

cpe:2.3:a:zaireweb_solutions:newsletter_zws:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0621

Products

Pricing

Contact Us