Email Subscription Vulnerability in SmartList 3.15 and Earlier

Email Subscription Vulnerability in SmartList 3.15 and Earlier

CVE-2005-0157 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned.

Learn more about our Web Application Penetration Testing UK.