Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote malicious users to bypass intended access restrictions and disable administrator authentication via a direct request to stream.php in an acl_enable_acl action to the admin module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sahanafoundation sahana 0.6.2.2 |