2 matches found
CVE-2008-4720
The CVE-2008-4720 entry concerns The Gemini Portal 4.7, where the vulnerability is a PHP remote file inclusion. The affected functionality is exposed via the lang parameter to two pages (page/forums/bottom.php and page/forums/category.php), enabling remote code execution on the server. The core i...
CVE-2008-7024
CVE-2008-7024 affects Arz Development The Gemini Portal 4.7 and earlier. The vulnerability allows remote attackers to bypass authentication and obtain administrator privileges by manipulating the user cookie to the value "admin" and setting the name parameter to "users" in admin.php. The root cau...