2 matches found
CVE-2006-1085
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the optionadminpass parameter and setting the passcookie to the MD5 hash of the specified password...
CVE-2006-1085
PHP-Stats 0.1.9.1 and earlier is affected by CVE-2006-1085. An authentication bypass allows remote attackers to gain administrator privileges and execute arbitrary PHP code by altering option[admin_pass] and setting pass_cookie to the MD5 hash of the target password. This vector can be used in co...