Vulnerabilities > CVE-2005-1169 - Authentication Bypass vulnerability in Mafia Blog 4Beta

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mafia

Summary

Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php.

Vulnerable Configurations

Part Description Count
Application
Mafia
1