MyPicGallery 1.0 allows remote malicious users to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mypicgallery mypicgallery 1.0 |