7 lines
No EOL
614 B
Text
7 lines
No EOL
614 B
Text
source: http://www.securityfocus.com/bid/19128/info
|
|
|
|
Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication.
|
|
|
|
A remote attacker can exploit these issues to perform administrative functions without requiring authentication. For example, the attacker may be able to overwrite existing files on the vulnerable computer in the context of the webserver process.
|
|
|
|
http://target.xxx/[product_home]/admin/a_editpage.php?filename=[arbitrary_file] |