CVE-2003-1212

2005-05-1904:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the ‘start new topic’ HTML page.

References

archives.neohapsis.com/archives/bugtraq/2003-06/0048.html

secunia.com/advisories/8979

www.osvdb.org/4933

www.securityfocus.com/bid/7837

exchange.xforce.ibmcloud.com/vulnerabilities/12278