CVE-2006-4427

2006-08-2900:00:00

mitre

www.cve.org

AI Score

7.1

Confidence

Low

EPSS

0.111

Percentile

95.2%

JSON

index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to “1”.

References

efiction.org/forums/index.php?topic=3698

secunia.com/advisories/21625

www.osvdb.org/28237

www.securityfocus.com/bid/19717

www.vupen.com/english/advisories/2006/3392

exchange.xforce.ibmcloud.com/vulnerabilities/28595

www.exploit-db.com/exploits/2255