Remote Code Execution in Web Wiz Forums 6.34 through 7.5 via FID Parameter Manipulation

Remote Code Execution in Web Wiz Forums 6.34 through 7.5 via FID Parameter Manipulation

CVE-2003-1176 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.

Learn more about our Web App Pen Testing.