Vulnerabilities > Vivaprograms

DATE CVE VULNERABILITY TITLE RISK
2009-11-16 CVE-2009-3949 Permissions, Privileges, and Access Controls vulnerability in Vivaprograms Infinity Script 2.0.0
cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not require administrative authentication for the donewauthor action, which allows remote attackers to create administrative accounts via the name, password, and conf_password parameters.
network
low complexity
vivaprograms CWE-264
7.5