Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote malicious users to cause a denial of service (overwritten files) and possibly obtain administrative access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bosdev bosnews 5 |
||
bosdev bosnews 4 |