CVE-2006-4607 - Input Validation vulnerability in Longino Jacome PHP-Revista 1.1.2

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
network
low complexity
longino
exploit available

Summary

admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.

Vulnerable Configurations

Part         Description  Count
Application  Longino      1

Exploit-Db

description: PHP-Revista 1.1.2 (RFI/SQLi/CB/XSS) Multiple Remote Vulnerabilities. CVE-2006-4605, CVE-2006-4606, CVE-2006-4607, CVE-2006-4608. Webapps exploit for php platform
file: exploits/php/webapps/8425.txt
id: EDB-ID:8425
last seen: 2016-02-01
modified: 2009-04-14
platform: php
port:
published: 2009-04-14
reporter: SirDarckCat
source: https://www.exploit-db.com/download/8425/
title: php-revista 1.1.2 rfi/sqli/cb/XSS Multiple Vulnerabilities
type: webapps