Authentication flaw

2007-02-0711:28:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Les News 2.2 allows remote attackers to bypass authentication and gain administrative access via a direct request for adminews/index_fr.php3, and possibly the adminews index documents for other localizations.

CPENameOperatorVersion
les_newseq2.2

CPE	Name	Operator	Version
	les_news	eq	2.2

References

forums.avenir-geopolitique.net/viewtopic.php?t=2622

osvdb.org/33686

securityreason.com/securityalert/2226

www.securityfocus.com/archive/1/459186/100/0/threaded