CVE-2006-3935
Alkacon OpenCms before 6.2.2 has improper access control in system/workplace/views/admin/admin-main.jsp, allowing remote authenticated users to perform six admin actions (broadcast messages, list users, add webusers, upload import/export files, upload modules, read the log file) by manipulating t...