7.1 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.5%
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
marc.info/?l=bugtraq&m=111721290726958&w=2
secunia.com/advisories/15516
securitytracker.com/id?1014064
www.soulblack.com.ar/repo/papers/advisory/PhpStat_advisory.txt
www.soulblack.com.ar/repo/tools/sbphpstatpoc.txt