EkinBoard 1.1.0 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ekinboard ekinboard |