Zomplog · Zomplog · CVE-2008-2349
Name of the Vulnerable Software and Affected Versions:
Zomplog versions 3.8.2 and earlier
Description:
The issue allows remote attackers to gain administrative access by creating an admin account via a direct request to "install/newuser.php" with the `admin` parameter set to 1.
Recommendations:
For Zomplog versions 3.8.2 and earlier, consider restricting access to the "install/newuser.php" endpoint until a fix is available. As a temporary workaround, avoid using the `admin` parameter in this endpoint to minimize the risk of exploitation.
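To verify that the restriction on "install/newuser.php" is working and to spot earlier requests to it, the following added example (not part of the original advisory or of Zomplog) scans web server access logs for that endpoint. It assumes the Apache/Nginx "combined" log format; the sample log lines, IP addresses and the `classify`/`scan` helper names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache/Nginx "combined" log format (assumed; adjust for your server).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [12/May/2008:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [12/May/2008:10:03:40 +0000] "GET /install/newuser.php?admin=1 HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.7 - - [12/May/2008:10:03:55 +0000] "POST /blog/Install/NewUser.php HTTP/1.1" 200 640 "-" "Mozilla/5.0"
203.0.113.5 - - [12/May/2008:10:09:11 +0000] "GET /install/newuser.php?admin=1 HTTP/1.1" 403 199 "-" "curl/7.18"
192.0.2.10 - - [12/May/2008:10:12:00 +0000] "GET /post.php?id=3&admin=1 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

def classify(line):
    """Return a finding dict for requests to install/newuser.php, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    # Compare case-insensitively: some hosts serve paths regardless of case.
    if not url.path.lower().endswith("/install/newuser.php"):
        return None
    admin_in_query = "1" in parse_qs(url.query).get("admin", [])
    if m["status"] in ("401", "403", "404"):
        severity = "info"    # request was refused: the restriction is working
    elif admin_in_query:
        severity = "high"    # matches the request described in the advisory
    else:
        severity = "medium"  # endpoint reachable; POST bodies are not logged
    return {"ip": m["ip"], "time": m["ts"], "method": m["method"],
            "status": int(m["status"]), "severity": severity}

def scan(lines):
    """Collect findings for every log line that touches the endpoint."""
    return [f for f in map(classify, lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG.splitlines()):
        print(finding)
```

Access logs record only the query string, so a POST to the endpoint is reported as "medium" because the `admin` value cannot be seen; confirm such hits by reviewing the application's list of administrator accounts.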