Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cgi Script Center Subscribe
Filtered by product Subscribe Me Lite
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0086 1 Cgi Script Center 1 Subscribe Me Lite 2017-12-18 5.0 MEDIUM N/A
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.
CVE-2000-0688 1 Cgi Script Center 1 Subscribe Me Lite 2016-10-17 7.5 HIGH N/A
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.