CVE-2003-1212 Information

Description

MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields such as the (1) news (2) lock or (3) allmem fields in the ‘start new topic’ HTML page.

Reference

http://archives.neohapsis.com/archives/bugtraq/2003-06/0048.html http://secunia.com/advisories/8979 http://www.osvdb.org/4933 http://www.securityfocus.com/bid/7837 https://exchange.xforce.ibmcloud.com/vulnerabilities/12278