CVE-2007-2822

TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
Configurations

Configuration 1

cpe:2.3:a:wavelink_media:tutorialcms:*:*:*:*:*:*:*:*

Information

Published : 2007-05-22 09:30

Updated : 2017-10-11 01:32


NVD link : CVE-2007-2822

Mitre link : CVE-2007-2822

Products Affected
No products.