header-logo
Suggest Exploit
vendor:
Multiple Rad Scripts products
by:
SecurityFocus
8.8
CVSS
HIGH
Authentication-Bypass
287
CWE
Product Name: Multiple Rad Scripts products
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Multiple Rad Scripts Products Authentication-Bypass Vulnerability

Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker can exploit these issues to perform administrative functions without requiring authentication. For example, the attacker may be able to overwrite existing files on the vulnerable computer in the context of the webserver process.

Mitigation:

Ensure that authentication is required for all administrative functions.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/19128/info

Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication.

A remote attacker can exploit these issues to perform administrative functions without requiring authentication. For example, the attacker may be able to overwrite existing files on the vulnerable computer in the context of the webserver process.

http://target.xxx/[product_home]/admin/a_editpage.php?filename=[arbitrary_file]

Navigation

Suggest Exploit

Services By CQR