NuytsTech Security

CVE-2008-4484

by ·

main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php.

Date published : 2008-10-07

http://www.securityfocus.com/bid/31430

http://www.securityfocus.com/archive/1/496763/100/0/threaded

Tags: