[] NeoSense
E X P L O I T S
title author type platform port cve id

Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access

Author: Alexander Antipov
type: webapps
platform: asp
port: 
date_added: 2003-11-03 
date_updated: 2012-12-12 
verified: 1 
codes: CVE-2003-1176;OSVDB-64090 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/8957/info

A vulnerability has been reported in Web Wiz Forum that could allow unauthorized access to private forums. The problem occurs when handling malformed requests that make use of 'quote' mode. When this mode is used, Web Wiz Forum will allegedly fail to carry out sufficient checks between the requested forum and message. As a result, an attacker could potentially read or write to a private forum.

http://www.example.com/post_message_form.asp?mode=quote&PID=1111&FID=1&TID=11&TPN=1
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.