Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4926


Vulnerability Score 6.4 6.4
CVE Id CVE-2012-4926
Last Modified 18 Sep 2012 12:00:00
Published 15 Sep 2012 01:55:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



approve.php in Img Pals Photo Host 1.0 does not authenticate requests, which allows remote attackers to change the activation of administrators via the u parameter in an (1) app0 (disable) or (2) app1 (enable) action.

Vulnerable Systems


  • Imgpals Img Pals Photo Host 1.0


EXPLOIT-DB - 18544

BUGTRAQ - 20120228 ImgPals Photo Host Version 1.0 Admin Account Disactivation

Last Updated: 27 May 2016 11:00:42