EzCourses 'admin.asp' Security Bypass Vulnerability Network Vulnerability

Summary

ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password.

References

http://www.ezhrs.com/ezCourses.asp
http://www.securityfocus.com/bid/49907

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
Advanced Image Hosting Cross Site Scripting Vulnerability
Apache Rave User Information Disclosure Vulnerability
/cgi-bin directory browsable ?
AMSI 'file' Parameter Directory Traversal Vulnerability

ezCourses 'admin.asp' Security Bypass Vulnerability

Take action and discover your vulnerabilities