CVE-2003-0588

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1270%

EPSS Percentile39.55th

Published2003年8月18日

Last Modified2026年4月16日

Vulnerability Description

admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.

Affected Platforms (CPE)

📦

Digi Fx

Digi News

= 1.1

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=105839007002993&w=2

関連する脆弱性情報

CVE-2003-030410.0

one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the inst...

CVE-2003-019610.0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service...

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.

CVE-2003-016110.0

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions ...