The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote malicious users to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
truelogik truegalerie 1.0 |