1 results (0.001 seconds)
CVSS: 9.8EPSS: 13%CPEs: 6EXPL: 6
CVSS: 9.8EPSS: 13%CPEs: 6EXPL: 6CVE-2004-2254 – SurgeLDAP 1.0 - Web Administration Authentication Bypass
https://notcve.org/view.php?id=CVE-2004-2254
31 Dec 2004 — SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. • https://www.exploit-db.com/exploits/24094 •