Usermin prior to 1.220 (20060629) allows remote malicious users to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
usermin usermin 0.5 |
||
usermin usermin 0.6 |
||
usermin usermin 0.94 |
||
usermin usermin 0.95 |
||
usermin usermin 1.030 |
||
usermin usermin 1.040 |
||
usermin usermin 1.110 |
||
usermin usermin 1.120 |
||
usermin usermin 0.9 |
||
usermin usermin 0.91 |
||
usermin usermin 0.99 |
||
usermin usermin 1.000 |
||
usermin usermin 1.070 |
||
usermin usermin 1.080 |
||
usermin usermin 1.150 |
||
usermin usermin |
||
usermin usermin 0.4 |
||
usermin usermin 0.92 |
||
usermin usermin 0.93 |
||
usermin usermin 1.010 |
||
usermin usermin 1.020 |
||
usermin usermin 1.090 |
||
usermin usermin 1.100 |
||
usermin usermin 0.7 |
||
usermin usermin 0.8 |
||
usermin usermin 0.96 |
||
usermin usermin 0.97 |
||
usermin usermin 0.98 |
||
usermin usermin 1.051 |
||
usermin usermin 1.060 |
||
usermin usermin 1.130 |
||
usermin usermin 1.140 |
Vulmon