CVE-2001-0086

Description

CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.

Affected products

• cgi_script_center / subscribe_me_lite1.0 – 1.0
• cgi_script_center / subscribe_me_lite2.0 – 2.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/5735
• MISChttp://archives.neohapsis.com/archives/bugtraq/2000-12/0160.html
• MISChttp://www.securityfocus.com/bid/2108