Lucene search
PRIOn knowledge basePRION:CVE-2009-3949HistoryNov 16, 2009 - 8:30 p.m.
Authentication flaw
2009-11-1620:30:00
PRIOn knowledge base
www.prio-n.com
1
cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not require administrative authentication for the donewauthor action, which allows remote attackers to create administrative accounts via the name, password, and conf_password parameters.
| CPE | Name | Operator | Version |
|---|---|---|---|
| infinity_script | le | 2.0.5 | |
| infinity_script | eq | 2.0.0 |
Related
cve
cve
CVE-2009-3949
2009-11-16 20:30:00
nvd
nvd
CVE-2009-3949
2009-11-16 20:30:00
cvelist
cvelist
CVE-2009-3949
2009-11-16 20:00:00