Allons_voter 1.0 allows remote malicious users to bypass authentication and access certain administrative functionality via a direct request for (1) admin_ajouter.php or (2) admin_supprimer.php. NOTE: this could be leveraged to conduct cross-site scripting (XSS) attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
allons voter allons voter 1.0 |