Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2733

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2004-2733
Last Modified 02 Dec 2010 11:48:09
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2733

Summary

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp.

Vulnerable Systems

Application

  • Webwiz Web Wiz Forums 7.7


References

XF - webwizforums-unauth-ip-blocking(16031)

XF - webwizforums-popuptopicadmin-modify(16030)

BID - 10255

OSVDB - 5751

OSVDB - 5750

SECTRACK - 1010012

SECUNIA - 11525

FULLDISC - 20040430 Critical bug in Web Wiz Forum


Last Updated: 27 May 2016 10:39:36