[VIM] older MegaBBS issue not picked up by VDBs

Steven M. Christey coley at mitre.org
Mon Jan 9 12:33:55 EST 2006

FYI - this was in the same big vendor forum page as the recently
disclosed send-private-message issue.

Name: CVE-2004-2653
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2653
Reference: CONFIRM:http://www.pd9soft.com/megabbs/forums/thread-view.asp?tid=4924

Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows
attackers to gain privileges via unknown vectors involving (1)
admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp.

More information about the VIM mailing list