Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2007-6414
Last Modified 05 Sep 2008 05:33:11
Published 17 Dec 2007 06:46:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6414

Summary

admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.

Vulnerable Systems

Application

  • Adultscript 1.6


References

BID - 26870

MILW0RM - 4731

SECUNIA - 28064

XF - adultscript-administrator-security-bypass(39034)


Last Updated: 27 May 2016 10:46:28