1 results (0.004 seconds)
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 6
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 6CVE-2004-2254 – SurgeLDAP 1.0 - Web Administration Authentication Bypass
https://notcve.org/view.php?id=CVE-2004-2254
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. • https://www.exploit-db.com/exploits/24094 http://netwinsite.com/surgeldap/updates.htm http://secunia.com/advisories/11549 http://securitytracker.com/alerts/2004/May/1010113.html http://securitytracker.com/id?1010068 http://www.osvdb.org/5890 http://www.securityfocus.com/bid/10294 https://exchange.xforce.ibmcloud.com/vulnerabilities/16076 •