Vulnerabilities > CVE-2006-5412 - Authentication Bypass vulnerability in PHP Outburst Easynews
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
admin.php in PHP Outburst Easynews 4.4.1 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability. CVE-2006-5412. Webapps exploit for php platform |
file | exploits/php/webapps/2588.txt |
id | EDB-ID:2588 |
last seen | 2016-01-31 |
modified | 2006-10-17 |
platform | php |
port | |
published | 2006-10-17 |
reporter | nuffsaid |
source | https://www.exploit-db.com/download/2588/ |
title | Easynews <= 4.4.1 admin.php Authentication Bypass Vulnerability |
type | webapps |