PHP-Coolfile 1.4 - Unauthorized Administrative Access
| EKU-ID: 28820 | CVE: OSVDB-2809 | OSVDB-ID: |
| Author: r00t@rsteam.ru | Published: 2003-11-11 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28820 | CVE: OSVDB-2809 | OSVDB-ID: |
| Author: r00t@rsteam.ru | Published: 2003-11-11 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/9018/info PHP-Coolfile allows unauthorized administrative access due to an error in the way access is evaluated in the action.php file. This could allow a remote user to obtain the administrative username and password for the site. www.site.com/php-coolfile/action.php?action=edit&file=config.php