3 matches found
CVE-2004-1567
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator...
CVE-2004-1567
Silent Storm Portal (2.1/2.2) exposes a privilege escalation in profile.php: setting the mail parameter to 1 (the admin value) allows remote attackers to gain administrator privileges. Vulnerable parameter handling is the root cause; the CVE entry documents this as an admin-privilege bypass via a...
CVE-2004-1567
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator...