- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 28261
- Проверка EDB
-
- Пройдено
- Автор
- INVENT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2006-07-24
Код:
source: https://www.securityfocus.com/bid/19128/info
Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication.
A remote attacker can exploit these issues to perform administrative functions without requiring authentication. For example, the attacker may be able to overwrite existing files on the vulnerable computer in the context of the webserver process.
http://target.xxx/[product_home]/admin/a_editpage.php?filename=[arbitrary_file]- Источник
- www.exploit-db.com
