Subscribe-Me Lite Administration Access Vulnerability

A vulnerability exists in certain versions of Subscribe-Me Lite, the non-commercial version of a mailing list administration script from cgiscriptcenter.com. Windows and Unix versions are affected.

It is possible for an attacker to obtain access to the script's administration panel, and to delete arbitrary members from the mailing lists supported by the vulnerable script.

Further technical details were not supplied in the original advisory.


 

Privacy Statement
Copyright 2010, SecurityFocus