RSS   Vulnerabilities for 'Photodb'   RSS

2002-12-31
 
CVE-2002-1726

 

 
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.

 


Copyright 2024, cxsecurity.com

 

Back to Top