2 matches found
CVE-2006-2890
Pixelpost 1-5rc1-2 and earlier, when registerglobals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the SESSION"pixelpostadmin" parameter to 1 in calls to admin scripts such as admin/viewinfo.php...
CVE-2006-2890
Pixelpost 1-5rc1-2 and earlier are affected when register_globals is enabled. An attacker can set _SESSION["pixelpost_admin"] = 1 in admin scripts (e.g., admin/view_info.php) to gain administrator privileges and perform other attacks. No explicit remediation is provided in the provided documents.