Unauthenticated Access to Alabanza Control Panel Allows Domain Name Modification

Unauthenticated Access to Alabanza Control Panel Allows Domain Name Modification

CVE-2000-1023 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program.

Learn more about our Web Application Penetration Testing UK.