CVE-2000-0720
published 2000-10-20CVE-2000-0720: news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new…
PriorityP426medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
6.16%
92.6th percentile
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gwscripts | gwscripts_news_publisher | — | — |
| gwscripts | gwscripts_news_publisher | — | — |
| gwscripts | gwscripts_news_publisher | — | — |
| gwscripts | gwscripts_news_publisher | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/1621http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b%2418f8c1a0%24953b29d4%40e8s9s4https://exchange.xforce.ibmcloud.com/vulnerabilities/5169http://www.securityfocus.com/bid/1621http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b%2418f8c1a0%24953b29d4%40e8s9s4https://exchange.xforce.ibmcloud.com/vulnerabilities/5169
2000-10-20
Published