CVE-2000-0435 Information

Description

The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers which allows them to modify user accounts or web pages.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-05/0167.html http://www.osvdb.org/1337 http://www.securityfocus.com/bid/1217