CGI Script Center Subscribe Me LITE 2.0 and previous versions allows remote malicious users to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cgi script center subscribe me lite 1.0 |
||
cgi script center subscribe me lite 2.0 |