PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
BID:26255
Info
PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
| Bugtraq ID: | 26255 |
| Class: | Design Error |
| CVE: |
CVE-2007-5752 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 30 2007 12:00AM |
| Updated: | May 20 2008 03:34PM |
| Credit: | 0x90 is credited with the discovery of this vulnerability. |
| Vulnerable: |
AGTC Websolutions PHP-AGTC membership system 1.1a |
| Not Vulnerable: | |
Discussion
PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
PHP-AGTC membership system is prone to an unauthorized-access vulnerability.
An attacker can exploit this issue to gain administrative access to the affected application.
This issue affects PHP-AGTC membership system 1.1a; other versions may also be affected.
PHP-AGTC membership system is prone to an unauthorized-access vulnerability.
An attacker can exploit this issue to gain administrative access to the affected application.
This issue affects PHP-AGTC membership system 1.1a; other versions may also be affected.
Exploit / POC
PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
Attackers may exploit this issue through a browser.
The following proof-of-concept examples are available:
Attackers may exploit this issue through a browser.
The following proof-of-concept examples are available:
Solution / Fix
PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
PHP-AGTC Membership System Adduser.PHP Unauthorized Access Vulnerability
References:
References:
- PHP-AGTC membership system Homepage (AGTC Websolutions)