core/admin/delete.php in Podcast Generator 1.1 and previous versions does not properly restrict access to administrative functions, which allows remote malicious users to delete arbitrary files via the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
podcast generator podcast generator 1.0 |
||
podcast generator podcast generator 1.0_beta |
||
podcast generator podcast generator 0.96 |
||
podcast generator podcast generator 0.8 |
||
podcast generator podcast generator 0.6 |
||
podcast generator podcast generator 1.0_beta3 |
||
podcast generator podcast generator 1.0_beta2 |
||
podcast generator podcast generator 0.9 |
||
podcast generator podcast generator 0.81 |
||
podcast generator podcast generator 0.96.2 |
||
podcast generator podcast generator |
||
podcast generator podcast generator 0.95 |
||
podcast generator podcast generator 0.94 |
||
podcast generator podcast generator 1.0_beta4a |
||
podcast generator podcast generator 1.0_beta4 |
||
podcast generator podcast generator 0.93 |
||
podcast generator podcast generator 0.92 |
||
podcast generator podcast generator 0.91 |