ID | CVE-2006-0724 | ||||||
Sažetak | profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized. | ||||||
Reference | |||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:H/Au:N/C:N/I:P/A:N | ||||||
Zadnje važnije ažuriranje | 20-07-2017 - 01:30 | ||||||
Objavljeno | 16-02-2006 - 11:02 |