https://www.exploit-db.com/exploits/25090

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/12489/info

xGB is reportedly affected by a vulnerability that could permit unauthorized administrator access. This issue is due to the application failing to properly verify user credentials.

A malicious user could exploit this vulnerability to bypass user authentication and gain administrative access.

This vulnerability is reported to affect xGB version 2.0; earlier versions may also be vulnerable. 

http://www.example.com/xGB.php?act=admin&do=edit