CVE-2003-1176

critical

Description

post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/13581

http://www.securityfocus.com/archive/1/343314

http://www.osvdb.org/2768

http://securitytracker.com/id?1008100

http://secunia.com/advisories/10137

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.07883