CVE-2009-2040

2009-06-12T14:00:00
ID CVE-2009-2040
Type cve
Reporter NVD
Modified 2017-09-28T21:34:42

Description

admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request.