MidnightBSD

Advisories for zaireweb_solutions

CVE-2004-0621 HIGH

admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
zaireweb_solutions newsletter_zws *