Absolute Form Processor XE 1.5 allows remote malicious users to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xigla absolute control panel xe 1.5 |