7.4 High
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.0%
phpBazar 2.1.1fix and earlier does not require administrative authentication for admin/admin.php, which allows remote attackers to obtain access to the admin control panel via a direct request.
packetstormsecurity.org/0911-exploits/phpbazar-access.txt
www.securityfocus.com/bid/37132