CVE-2009-2040

Metadata

CVE-2009-2040
7.5
exchange.xforce.ibmcloud.com, exploit-db.com
2009-06-12
2017-09-29 06:09

Description

admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request.

Related Vulnerabilities