7 lines
No EOL
446 B
Text
7 lines
No EOL
446 B
Text
source: http://www.securityfocus.com/bid/12761/info
|
|
|
|
NewsScript is reported prone to an access validation vulnerability. This issue may allow an unauthorized attacker to add, modify and delete messages.
|
|
|
|
It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET request for the 'newsscript.pl' script to bypass access checks and carry out administrative tasks.
|
|
|
|
www.example.com/newsscript.pl?mode=admin |