Unauthenticated Remote Modification of User Home Pages in Easy Homepage Creator 1.0

Unauthenticated Remote Modification of User Home Pages in Easy Homepage Creator 1.0

CVE-2002-1427 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.

Learn more about our User Device Pen Test.