XGB 2.0 - Authentication Bypass

EDB-ID:

25090

CVE:

N/A


Platform:

PHP

Published:

2005-02-08

source: http://www.securityfocus.com/bid/12489/info

xGB is reportedly affected by a vulnerability that could permit unauthorized administrator access. This issue is due to the application failing to properly verify user credentials.

A malicious user could exploit this vulnerability to bypass user authentication and gain administrative access.

This vulnerability is reported to affect xGB version 2.0; earlier versions may also be vulnerable. 

http://www.example.com/xGB.php?act=admin&do=edit