PHP-Coolfile 1.4 Unauthorized Administrative Access Vulnerability

2014-07-01T00:00:00
ID SSV:77140
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/9018/info

PHP-Coolfile allows unauthorized administrative access due to an error in the way access is evaluated in the action.php file. This could allow a remote user to obtain the administrative username and password for the site.

www.site.com/php-coolfile/action.php?action=edit&file=config.php