CVE-2002-0776

2003-04-0205:00:00

mitre

www.cve.org

7 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.4%

JSON

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the “UpdateUser” hot fix.

References

hostingcontroller.com/english/logs/sp2log.html

online.securityfocus.com/archive/1/282129

www.iss.net/security_center/static/9554.php

www.securityfocus.com/bid/5229