CVE-2006-3531
Pivot 1.30 RC2 and earlier are affected by CVE-2006-3531 due to authentication credentials being constructed from request parameters in includes/editor/insert_image.php. This enables remote attackers to escalate privileges and upload arbitrary files by modifying (1) pass, (2) session, (3) pass an...