EzCourses 'admin.asp' Security Bypass Vulnerability Network Vulnerability

Summary

ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password.

References

http://www.ezhrs.com/ezCourses.asp
http://www.securityfocus.com/bid/49907

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Apache Archiva Home Page Cross-Site Scripting vulnerability
APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability

ezCourses 'admin.asp' Security Bypass Vulnerability

Take action and discover your vulnerabilities