Newsscript 1.0 - Administrative Privilege Escalation

Author: Peter Winter-Smith
type: webapps
platform: php
port: 
date_added: 2003-05-27  
date_updated: 2012-11-13  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22663.txt  

source: https://www.securityfocus.com/bid/7705/info

A vulnerability has been reported that could enable a member of the news system to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of Newsscript.

Peter<~>2