Security Advisory

CVE-2009-2040

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-06-12 17:28:00

Last updated 2024-08-07 05:36:20

Assigner mitre

State PUBLISHED

Description

admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request.

← Browse all CVEs View on cve.org ↗