Py-Membres 4.x – ‘Secure.php’ Unauthorized Access

24次阅读
没有评论

Py-Membres 4.x – ‘Secure.php’ Unauthorized Access

漏洞ID 1054126 漏洞类型
发布时间 2003-08-26 更新时间 2003-08-26
Py-Membres 4.x - 'Secure.php' Unauthorized AccessCVE编号 N/A
Py-Membres 4.x - 'Secure.php' Unauthorized AccessCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23060
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8499/info

A vulnerability has been reported for Py-Membres that allows remote attackers to obtain administrative privileges on vulnerable installations.

Reportedly, Py-Membres does not fully check some URI parameters. Thus it is possible for an attacker to manipulate URI parameters and log into the system as an administrative user without the need for passwords.

http://www.example.com/admin/admin.php?adminpy=1

相关推荐: Nano Local File Overwrite Vulnerability

Nano Local File Overwrite Vulnerability 漏洞ID 1103639 漏洞类型 Design Error 发布时间 2000-12-17 更新时间 2000-12-17 CVE编号 N/A CNNVD-ID N/A 漏洞平台…

正文完
 0