6.8 Medium
AI Score
Confidence
Low
0.051 Low
EPSS
Percentile
93.0%
pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the is_admin HTTP POST parameter to 1.
secunia.com/advisories/23490
securityreason.com/securityalert/2077
www.securityfocus.com/archive/1/455260/100/0/threaded
www.securityfocus.com/bid/21731
www.vupen.com/english/advisories/2006/5182