Vulnerabilities

CVE-2007-2371

by Fred · 30/04/2007

admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.

Date published : 2007-04-30

http://www.securityfocus.com/bid/23342

https://www.exploit-db.com/exploits/3671

Related

Tags: Cybersecurity Alert