CVE-2009-1582

2009-05-0723:00:00

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

Low

0.046 Low

EPSS

Percentile

92.6%

JSON

Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote attackers to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.

References

osvdb.org/54204

secunia.com/advisories/34994

www.securityfocus.com/bid/34809

exchange.xforce.ibmcloud.com/vulnerabilities/50306

www.exploit-db.com/exploits/8605