CVE-2009-1652

2009-05-1618:00:00

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request.

References

osvdb.org/54493

secunia.com/advisories/35071

www.securityfocus.com/bid/34976

www.exploit-db.com/exploits/8689