2 matches found
CVE-2005-4458
The CVE-2005-4458 entry concerns Metadot Portal Server (Group.pm) versions 6.4.4 and earlier. The flaw stems from not resetting the global privilege flags ($IS_OWNER, $IS_ADMIN, $IS_MANAGER) when performing privilege checks, enabling a user to grant themselves administrator rights by adding to th...
CVE-2005-4458
Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly reset the $ISOWNER, $ISADMIN, and $ISMANAGER global variables when performing checks for special privileges, which allows users to gain administrator privileges by adding themselves to the SITEMGR group...