CVE-2007-6414 in AdultScriptinfo

Summary

admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/17/2007

Disclosure

12/17/2007

Moderation

VulDB entry created

Entries

VDB-40097 (1)

CPE

ready

CWE

CWE-255 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.03375

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-6414
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6414
CVE Details	https://www.cvedetails.com/cve/CVE-2007-6414/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!