CVE-2006-2890

2006-06-07T10:02:00
ID CVE-2006-2890
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:43:00

Description

Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] parameter to 1 in calls to admin scripts such as admin/view_info.php.