RSS   Podatności dla 'Snews'   RSS

2007-01-16
 
CVE-2007-0261

 

 
snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter.

 

 >>> Vendor: Snews 2 Produkty
Snews
Snews cms rus


Copyright 2024, cxsecurity.com

 

Back to Top