admin.php in Arz Development The Gemini Portal 4.7 and previous versions allows remote malicious users to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arzdev gemini lite 3.6 |
||
arzdev gemini portal 4.7 |
||
arzdev gemini lite 3.5 |