CVE Record: CVE-2000-0720

Required CVE Record Information

Description

news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.

Product Status

Learn more

Information not provided

References 3 Total

exchange.xforce.ibmcloud.com: news-publisher-add-author(5169)
external site
vdb-entry
securityfocus.com: 1621
external site
vdb-entry
securityfocus.com: 20000829 News Publisher CGI Vulnerability
external site
mailing-list

Updated: 2024-08-08

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

exchange.xforce.ibmcloud.com: news-publisher-add-author(5169)
external site
vdb-entryx_transferred
securityfocus.com: 1621
external site
vdb-entryx_transferred
securityfocus.com: 20000829 News Publisher CGI Vulnerability
external site
mailing-listx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 3 Total

CVE Program

References 3 Total