Arbitrary Account Creation and Privilege Escalation in Web Content Management News System

Arbitrary Account Creation and Privilege Escalation in Web Content Management News System

CVE-2005-2489 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Web Content Management News System allows remote attackers to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php.

Learn more about our User Device Pen Test.