[VIM] older MegaBBS issue not picked up by VDBs
Steven M. Christey
coley at mitre.org
Mon Jan 9 12:33:55 EST 2006
FYI - this was in the same big vendor forum page as the recently
disclosed send-private-message issue.
======================================================
Name: CVE-2004-2653
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2653
Reference: CONFIRM:http://www.pd9soft.com/megabbs/forums/thread-view.asp?tid=4924
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows
attackers to gain privileges via unknown vectors involving (1)
admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp.
More information about the VIM
mailing list