Design/Logic Flaw

2008-01-1800:00:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

JSON

admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.

CPENameOperatorVersion
evilsentinelle1.0.9

CPE	Name	Operator	Version
	evilsentinel	le	1.0.9

References

evilsentinel.altervista.org/forum/index.php?topic=49.0

secunia.com/advisories/28427

www.securityfocus.com/bid/27227

www.exploit-db.com/exploits/4884