CVE-2009-3949 in Infinity Script信息

摘要

由 VulDB • 2026-06-07

VivaPrograms Infinity 2.0.5 及更早版本中的 cp/profile.php 未对 donewauthor 操作要求管理员身份验证,这使得远程攻击者能够通过 name、password 和 conf_password 参数创建管理员账户。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you need the next level of professionalism?

Upgrade your account now!