Subscribe Me Lite
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2000-0688 | 0.04 | — | 0.07 | Oct 20, 2000 | Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter. | ||
| CVE-2001-0086 | 0.00 | — | 0.01 | Feb 12, 2001 | CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. |
- CVE-2000-0688Oct 20, 2000risk 0.04cvss —epss 0.07
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
- CVE-2001-0086Feb 12, 2001risk 0.00cvss —epss 0.01
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.