|
|
CVE Reference: CVE-2006-5086 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5086 |
|
|
Description: Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29222 SREASON http://securityreason.com/securityalert/1653 SAID Secunia Advisory: SA22163 MISC http://acid-root.new.fr/poc/12060927.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447167/100/0/threaded |
|
| Return to the previous page. |
