The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cutephp cutenews 0.88 |
||
cutephp cutenews 1.3 |
||
cutephp cutenews 1.3.1 |
||
cutephp cutenews 1.3.2 |
||
cutephp cutenews 1.3.6 |
||
aj-fork aj-fork 167 |