CVE-2007-6414 - Credentials Management vulnerability in Adultscript 1.6
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.
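The redirect-without-exit pattern described in the summary, shown beside its corrected form. This is an added illustration, not code from Adult Script or from the exploit entry; the session key `is_admin`, the target `login.php` and both function names are assumptions.

```php
<?php
// Added illustration; hypothetical code, not Adult Script's source.
session_start();

// Vulnerable pattern: header() only queues a Location header.
// The script keeps running, so everything after the guard is still
// written to the response body and is readable by any client that
// does not follow the redirect.
function guard_vulnerable(): void
{
    if (empty($_SESSION['is_admin'])) {      // 'is_admin' is an assumed key
        header('Location: login.php');       // 'login.php' is an assumed target
        // no exit here: execution falls through to the protected code
    }
}

// Hardened pattern: terminate the request as soon as the redirect is issued.
function guard_hardened(): void
{
    if (empty($_SESSION['is_admin'])) {
        header('Location: login.php', true, 302);
        exit;                                // nothing below is executed or sent
    }
}

guard_hardened();

// Protected section: reached only when the session is authenticated.
echo 'Administrator settings';
```

A response that carries both a `Location` header and the full administrative page body is the observable sign of the vulnerable form, so that is what to look for when reviewing every script that uses the same guard.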
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Adult Script <= 1.6 Unauthorized Administrative Access Exploit. CVE-2007-6414. Webapps exploit for php platform |
file | exploits/php/webapps/4731.php |
id | EDB-ID:4731 |
last seen | 2016-01-31 |
modified | 2007-12-13 |
platform | php |
port | |
published | 2007-12-13 |
reporter | Liz0ziM |
source | https://www.exploit-db.com/download/4731/ |
title | Adult Script <= 1.6 Unauthorized Administrative Access Exploit |
type | webapps |