|
|
CVE Reference: CVE-2005-1596 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-1596 |
|
|
Description: index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/20531 SAID Secunia Advisory: SA15257 OSVDB 16217 16216 MISC http://www.exploits.co.in/Article1134.html http://www.securiteam.com/exploits/5OP042KFPU.html |
|
| Return to the previous page. |
